• Okay, so here I am facing a very strange issue. My site is being hacked as soon as I finish the first step of WordPress installation, that is, maintaining the database name, user name and password in wp-config.php.
    When I click on the install WordPress button, I get a message saying that WordPress is already installed.
    When I go and check the user table, there is only one user and that’s not me. The user name that is there is “gvubterfcse” with email “kahanekpuz@hotmail.com”, having administrator access.

    Details:
    I had two WP sites set up under the same hosting account: one for doing the testing and another as the production site.

    Recently I started facing a “Could not make a database connection” error on my live site. The error log showed that the MySQL database connection is being refused because of too many queries.
    Going through the logs and CPU/memory usage, I found that my test site was eating a lot of resources, which was kind of strange as there were no visitors there.
    So, I took it down and performed the following steps:

    1. Changed DNS of the test site to point to my local server set up on my laptop.
    2. Created an absolutely new WP setup by downloading WP 3.5.2 from WordPress and importing the test site’s SQL database into the newly created database of my local server.
    3. Performed the WP installation steps of modifying wp-config.php to include the new SQL database name, user ID and password.

    After doing it, I was not able to log in to my test website, though it was opening fine. So I deleted the website again along with the database. Created a completely new database without importing data from the old one.
    Performed the installation step again and got the same issue. There is only one user in the SQL database, as explained above, and it comes automatically every time I try to do a fresh install. As soon as I click on the install WP button after maintaining wp-config, I get a message saying WP is already installed.

    Strangely, when I set up WP with a different domain name, it installs and works fine. I installed five different instances of WP on my local server with five different domain names.
    Only this particular domain name (my erstwhile test site) has this issue, no matter how many times I delete everything and install it afresh.
    The fact that other installations go fine indicates there is nothing wrong locally with my laptop. And the fact that I download a fresh WordPress package from the official site shows that there won’t be any malicious code inserted in the core package.

    I am completely at a loss as to what’s happening. Does anybody here have any idea?

    Note: I checked the database of the test site at the hosting server and this user is present there as well, but with the normal “Subscriber” role. However, now when I try to do a fresh install locally, this user gets the administrator role automatically.
    Thankfully this user is not there in my live website, and everything has been working fine on my live site since the time I took down my test site.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘New WP installation being hacked immediately’ is closed to new replies.