they will give some suggestion only they aske some money for previouse backup
suggestion are :
Please go through the following : Any attempts to put in Malware or Script Injections on an account occur mostly due to the following reasons: - Improper write permissions are set for any of your files / directories on the web server. Please make sure that none other than extremely required folders have write permissions for users. - Your FTP details are compromised. - The Local System from where you connect to the Web Server is infected. - Known exploits in CMS applications Hence to resolve this issue, you could take the following steps: 1. Download the current content of the site and perform a security audit on every file of your site. Check through the code to see if there are other files too infected with the IFRAME injections. 2. Clean all such files. 3. Change your FTP passwords to stronger ones. Keep changing the passwords frequently. 4. Scan your local system with some good AntiVirus and Malware remover, to make sure your system is also infection free. 5. Upload all new file again to the server. 6. Avoid 777 permissions on any file or folder. 7. Change both the FTP user and database user password so that the database is not injected. 8. Always use updated version of CMS and themes/plugins.