It's Wordpress 2.8.4. The attack (it was actually pretty minor to call an "attack") probably came after I updated from 2.8.1, must've been a week or two ago. I had the default "hello dolly" and "akismet" plugins, both inactive, but deleted yesterday when I was changing passwords. Still got & using:
Defensio Anti-Spam 2.03
Simple Tags 1.6.6
Wordpress Database Backup 2.2.2
The theme is called Almost Spring, which I've modified a bit (a color here, a margin width there).
Installed here: http://deeperintomovies.net/journal/
The only admin user is/was myself.
I've never properly understood file permissions. If a file is everybody-writeable (666 or 777), who can write to it? Everybody with FTP access to totalchoice? Everybody with FTP access to my specific account? Or everybody on the entire internet? Maybe I need to scour my install for permissions problems... I'll bet there are a few. Weird that the changed file was 664 at the time, though.
And thanks for the welcome - I've actually been on the forums before but my account must've expired. 4-ish-year totalchoice member and still loving it here.