This is probably not the way to do this but this is what I did.
I copied the files to my hard drive using Filezilla. Sure enough Norton 360 picked up two Trojans in the Simple Forum avatar files. (I immediately afterwards did a deep virus check with Norton 360 to make sure I hadn't infected my computer.)
I also contacted my host (Sureserver) and they got their hacking experts on to it. This is what I should have done as soon as aI noticed the website behaving oddly. Anyway, they found a third Trojan in the same directory.
They also later discovered that a rogue "base64/eval" code in the phpmyadmin folder was dumping the rogue code in my index.php file. They advised me to kill phpmyadmin as there have been a lot of attacks through those files which are no longer required in any case.
EVERYBODY SHOULD DO THIS NOW! UPGRADES DON'T REMOVE REDUNDANT FOLDERS OR FILES AND THEY ARE VULNERABLE TO ATTACK.
meanwhile I ran the plugin "Exploit Scanner" which picked up literally hundreds of 'potentially" dangerous code. I copied the results to Sureserver (Word arranges it into a neat table) and they assured me there was no dangerous code in what the scanner had picked up.
As of now I've been going about 10 hours without a repetition of the attacks (touch wood). I am now backing up and changing passwords. I have also removed the ability for members of my forum to upload their own avatars.
Oh, and by the way, for the record, it had nothing to do with All-in-one SEO. Sorry about that.