So I was able to fix my site for now.

In case it helps anyone else I had to remove yet another .hataccess file from my server's root directory and also the "www" file mentioned by Soleil above (THANKS!). Seemed to be this file doing the redirecting. WHAT A HASSLE!

Well, it looks as if I had managed too. At least for one of my sites. I had four that had been hacked.

Question I: I did not change my password to phpMyAdmin/MySql yet for some of my sites. If I do it, what would happen on an installed, working site with ZenPhoto? Do I have to run the setup again and make all the styling changes again?

Question II: Is there a way to know whether you have made changes in a new version to php files like: image, album, gallery, search... conatained in a theme?

@saltmine: I am happy that I could help you a little.

1. If you change the mysql credentials you of course need to change them for Zenphoto as well. Setup will tell you if it can't acccess the database.

2. Only with a file compare.