This blog was struck by spammers (or spambots judging by how many posting came from so many places). They dropped a bunch of encrypted PHP files into various directories. Not sure what they do, but I have posted part of one of them below
for a friendly PHP wizard to decode.
The common file name that was used was “ini44.php”, but there were others as well. I suspect they were able to post because I had a stupidly weak password on the admin account. Much stronger now!