Is it possible to include a scan of .htaccess?
This plugin was amazingly helpful in helping us clean up recent hacks, but for days Google Adwords support has been telling us that the site still has some malicious outbound links. I haven't been able to locate them for anything. I assumed there was some malicious encoded entries somewhere that were generating the links, but couldn't find them. I know WordPress has a lot of URL's, so it was a difficult task.
Finally I looked at the .htaccess file and found that there was a statement in there that was redirecting all of the mobile traffic to some undesired sites.
I don't know if this fixed the issue or not yet, but certainly it's going to help us out. I just thought it would be a nice addition to your amazing plugin, if possible.
I was also seeing a lot of the entries below under "All Hits" and I haven't seen any in the 10 minutes since removing that code, so I hope that was what was causing them;
An unknown location at IP (removed) left http://www.magneticchuckservices.com/ and tried to access non-existent page http://www.magneticchuckservices.com/undefined