Hey;
We used to have this problem. Every time we thought we removed, it would just re-install itself.
[ Ad copy removed by moderator other than WPyogi ]
1. Remove the Admin User from your WP.
2. Generate a Password with a generator like this one: [ link redacted ]
3. Add a “Limit Login Attempts” [ link changed to real link, cut that out ] http://ww.wp.xz.cn/plugins/limit-login-attempts/ and make the attempts to “1” attempt, and then “lockout”!
4. Finally we started using a free site scanner for cyber criminals. They offer a free trial.
And finally I can say we have had NO problems since. Of course you will ALWAYS have attempts, but I would recommend our procedures. They seem to work great for us!
