It would seem that my plugin is not finding every vulnerability on your site. Are you fixing timthumbs or just known threats? Are you scanning the root of the site or just the plugins directory? Are you an a shared server? Maybe there is another site on your server that is reinfecting you.
Maybe one of the Potential Threats is actually malicious and it is not being detected correctly. Can you send me a list of the Potential Threats?