Excellent!

Only security plugin that found a suspicious php include. The include called a PNG file that contained encrypted javascript which injected random text links to yoosocial.com gambling iframes. Very technical, but simple to delete. This plugin showed me exactly where to look. Thanks!