1script - 12:57 am on Aug 25, 2011 (gmt 0)
@ponyboy96: Thanks for your suggestions! I do hear what you're saying but I'm pretty darn sure it is a penalty (ban) this time around. I'm not only not blocking them, but Googlebot is the single most bandwidth-wasting visitor on my sites last two days: they send no visitors and yet they download 50,000+ pages per day. I used WMT to "Fetch as Googlebot" and it was able to get there just fine.
@maximillianos: you make all great points. In fact, I cannot be 100% sure there is no backdoor. I will keep looking of course, including coming in on a different IP, which is a great idea, but if the hacker is still there, (s)he is quietly sapping resources other than http - I am constantly checking HTML code, logs and WMT crawling errors and nothing suggests that the html code of my pages has been modified in any way. Additionally, none of the sites hit with the ban and hosted on this server are listed in any spam database. Besides, I have banned sites on another server that has never been hacked into (to the best of my knowledge, of course)
I still harbor some hope that the issue is technical but I'm not getting any closer to finding it.