Admin Tools does not have any feature related to preventing registration as a regular user. This is a core Joomla feature. That said, I think that you may have not disabled user registration in Joomla or you have a third party extension which allows users to register on your site even when Joomla's user registration is disabled.
The latter may sound crazy but there are several legitimate reasons for third party software to ignore the Joomla setting. For example, e-commerce extensions need to register user accounts for your clients. Social networking extensions also need to control user registration at the extension level rather than the Joomla level; this lets you disable generic Joomla user registration, forcing users to register new accounts through the social networking extension's flow. Likewise, social media login and Single Sign On extensions have a similar reason for needing to allow user registration despite Joomla's user registration being disabled.
Therefore at the very least I'd ask you to check BOTH whether you've really disabled Joomla's user registration (as opposed to having set account validation to administrator) AND whether you have an extension which allows user registration despite Joomla's setting.
Moreover, I disagree with your assessment that it's a hacker that is registering as an unprivileged user account on your site unless we are talking about the world's dumbest hacker. Most likely this is a spam bot, trying to register a user account in case they can find a forum or other place which allows registered users to post publicly. This is not a compromise of your site. It's abusing what you made explicitly possible. The difference is subtle but important. It's the difference between someone picking a locked door and opening an unlocked door with a "WELCOME" sign.
Finally, you said that someone is trying to register an account on your site but you never told me if they activated said account. If Joomla's user registration is allowed but the activation is set to self or administrator the account will be disabled until the user verifies their email address (self) or an administrator accepts the user account (administrator). The reason for Joomla's user activation checks is that anyone can try to register an account but you want to prevent obvious spam bots from ultimately succeeding.
Nicholas K. Dionysopoulos
Lead Developer and Director
π¬π·Greek: native π¬π§English: excellent π«π·French: basic β’ π My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!