Three things I would do if you haven't already:
1. Be sure your user id is in the list of Undeletable/Unalterable Users in includes/config.php
2. Change the filepath to your adminCP in includes/config.php (and change the name of the directory on the server). Once you do this you can create your own link in your bookmarks. Check what the link to your adminCP is in the page footer and if it has changed to your new filepath remove it completely and use only your bookmarked link for access.
3. Check your Control Panel Log in adminCP, there you may find info on the hacker. Then in IP Deny Manager on cPanel ban the IPs of the hacker
EDIT: you can read IP addresses for the adminCP directly out of your database in the adminlog table and ban foreign IPs before you restore your forum.
EDIT2: you can edit your footer template directly in the database to remove the Admin link. Use the search feature in phpMyAdmin to find "footer"
|