Hm.... today in my comunity forum, there is some body asking about how to clear /desinfected macileneus code which inject iframe code in index.php.
of course this is server administrator job to cleane up all the mesh.
but we can do some manual cure to eliminate iframe code,.
Base my experience while "x-traff attack" my company site
here it's code to handle it

1.first you neet clean index.php which you can rename itu to backup.php
2.the make and paste this code to fix.php
////////////
$handle = fopen('index.php', "rb");
$contents = fread($handle, filesize('index.php'));
$search_for = 'iframe';
if (strpos($contents, $search_for)) {
fclose($handle);
rename('backup.php', 'index.php');
copy('index.php', 'backup.php');
header ("Location: );
}
////////////
3.make include fix.php in your index.php
that all.... so the fow work is. when virus inject index.php,
the fix code restate to clean index.
mean while don't forget to make support ticket to you hosting, so their admin will clean the virus from their system.