Just an FYI on a site hack that was redirecting every major SE resulting link. Updating to the latest release cleaned up most of the damage, I eventually found the wp-config had an eval(base64_decode stuck in the front of it. The filemod date was not affected so it was easily overlooked.
Never seen the config affected before. Hope to never see it again!