Eli,
I have run your plugin a few times at low level and had it remove and repair some malicious code but still have not solved the problem.
I was using the NEXTGEN Gallery plugin and had the problem that others are decribing here in the WordPress Forums. I have removed and deleted NEXTGEN Gallery.
http://wordpress.org/support/topic/plugin-nextgen-gallery-nextgen-gallery-and-malware
Where should I look first or how should I go about removing this iframe hack?