@patriweb
It is impossible to answer your question without proper investigation of your WordPress site.
It sounds like your site was already infected before the iTSec plugin was installed. You may think to have removed the infection from your site while in fact it is still infected or the vulnerability which is being used to infect your site is still present. Security plugins like iTSec will probably not protect you against such vulnerabilities.
You need to make sure your site is clean and you need to find out which vulnerability allowed attackers to infect your site.
So in short clean your site and plug the hole that allowed attackers to infect your site in the first place.
dwinden