JerseyDevil4x4, a few additional ideas to add to those you may have already done...
a) Change your passwords to your forum admin account, hosting account, SQL/MySQL, phpMyAdmin accounts, and any other php software you may have installed on your server (Gallery, PhotoPost, WordPress, osCommerce...etc).
b) Search your forum member-base for other users who may have admin access. revoke it.
c) Turn off Markup "Using HTML" and "Using HTML and UBBCode" for all forums, for all users except administrators @ Control Panel > Forum Permissions. Also see below, item " i "
d) Do a DIFF of all the files inside "ubbthreads-7-5-8.zip" and what you've got installed. Anything from the following directories that cannot be found in that install zip archive, remove it. Directories to check: admin, cache_builders, gallery, images, languages, libs, scripts, styles, templates, ubb_js. WINDOWS TIP: If needed, you can use the free 30 day trial of "Beyond Compare 3" to do this. Download
http://www.scootersoftware.com/download.phpe) Delete everything EXCEPT "index.html" from these directories: cache, templates/compile.
f) If you have these directories on your server, delete them: importers, install.
g) Check for malicious code at - or completely disable all Active Text at Control Panel > Feature Settings > Active Text.
h) While still in that screen, go to Attachments and only use ".gif,.jpg,.txt,.zip,.png" for "Allowed Attachment File Extensions:"
i) Go back to Control Panel > Forum Permissions and set "Total # of file attachments" all to "0" (ZERO).
j) Check for any malicious code within the Default Header, Default Footer at Control Panel > Display Options > HTML Includes. If you're not using any of the Header Inserts or Sharaholic Setup Codes, you can leave these sections completely blank. "Body Onload" can also be left blank if you're not using it.
k) Go to Control Panel > Custom Islands, and review the "Body" section of each/every island to confirm that it displays exactly what you want it to display. If you're not using the following items, they can be left with their default "commented-out" items (ex: /* PHP CODE HERE */ /* BODY HERE */) or left empty.
l) And finally, Rebuild Posts, Rebuild Topics, Rebuild Forums, Rebuild Signatures, Rebuild Private Messages at Control Panel > Content Rebuilder.
I'm quite sure there are a few other items that could be checked. But these are a good place to start when looking at your own UBBT install for injected malicious code.
BONUS TIP: If you're on a shared server with your host, ask to be moved to another server -- the server you're currently on has obviously been compromised, and you've taken every action regarding your site account to make sure you're no longer an issue. You just want to be placed on a new server -- AWAY from any further malicious activity.