Yes, it seems your site has been converted to one to sell levitra. You can find it at many places in your validation report here. Have a look at it.
OMG, thanks for the report, Krishna. Is it several files that have been converted or just xmlrpc.php? I looked through xmlrpc.php and didn’t see anything unusual.
How can I get rid of this?!?
There is a possibility that the are injected into your database too. However, you may try these steps initially:
1. Make a backup of your site including your database.
2. Deactivate all the plugins
3. Revert to Twenty Eleven theme and see if the problem persists.
Also remember that this type of hacking will not show up in security/ hacking testing tools because the hackers do not leave any malware, viruses, etc. But there are several other methods to detect it.
That said, even if you solve the problem now, you still leave security holes open through which they can get in again. So, you need to go through all the steps as recommended for cases of hacking, tightening security, etc.