5
First, if you are on a shared server, the attack was most likely server wide and just not you specificaly. I know that doesn't make you feel any better though.
First thing to do is change all your passwords within your web hosting panel FTP/Mysql and change them to something that will be hard to guess or crack.
Secondly, the attack was most likely done via your 'upload' folder, look in there for anything that maybe a little suspicious and delete it.
Next, purge/delete the following folders in your XOOPS root.
a. cache
b. templates_c
Once you have done that and if that gets you back into your Xoops, please take the next steps.
a. Upgrade to the lastest version of XOOPS (If you haven't already done so) and upgrade your system module.
b. If you can, Chmod the following folders to 755 (If your server allows this)
1. cache,
2. templates_c,
3. uploads.
c. Install Protector module.
d. Change your XOOPS account password.
e. Check the XOOPS FAQ about securing your XOOPS further.
f. Look to see if any of the modules you have installed have updates or there as been any security issues poested about them, you may find some bugfixes around XOOPS somewhere.
Let us know how you get on please :)
Regarding your server logs, you can obtain these via your webhosting cpanel. Contact their support and they should help you with that.
ATB
Catz