Leaves a table and settings in your database after deinstallation. Uses the init-Hook to perform on every page call :-(
Doesn't care about the real admin (customer!) knocking at the door while or shortly after an attack has happend.
So please put an .htaccess in your wp-admin folder instead and use HTTP AUTH with a diffent username and password. This is by far the most effective way to prevent admin area hacking in general as well as distributed attacks and probing usually published login names (yes they're published, even if not visible - look into the HTML).
Hope this helps!