RT @theharmonyguy: Apparently xmlrpc.php was being used to access backdoor. Very sorry for all the fuss. double-check your uploads folders.