rngdmstr - I informed a WP plugins staff member about the malware problem. He checked the code file for inc-popup.php and did not find any code that could be a generic mailer/email spam problem. He said a virus scanner could have flagged the file as malware by mistake.
After I deleted the plugin in February, and also this month, my web host rescanned my website and did not find any more malware problems.
My web host informed me that one of the ways malware can happen is:
Installing applications, add-ons or modules that are downloaded from third-party locations and may be infected.
The inc-popup.php file is in the modules folder. So, I thought maybe the file was infected before being installed on my site.
Now I realize I should have downloaded a copy of the file right after it was identified as malware. My web host gave me 24 hours to document that I fixed the problem or they would suspend my site. And so it goes.
Thanks for the help.