I know this may sounds crazy but I think how ever they have hacked in, they now have access to the DB or there is something in the DB thats giving them access, I have removed the line from genericText.delivery.php, turned off the ability to use PHP in the image folder, removed any PHP files from the image folder, went into the database and varchar(0) the prepend/append in the zones and banners, change password for the DB and the Site Admin and 12 hrs later the attack is back, the varchar is changed back to text in the prepend and 3 of my zones have code added back.
I really need to know how to at least lock them out from adding that code. So far all the recommendations have been done and its still coming back.
I would be willing to let you team take a look at our ads server and DB at anytime if it will help this get resolved.