The contents of ths.helioho.st have been discarded, and malware has been cleaned up in one of the other domains too (mac.php file again).
I did notice that there are two additional WP installs on your account in agp.helioho.st and sai.helioho.st. Do you still need these? The agi domain doesn't even work (DNS issue), and you said you thought all of your WP was gone except ths, but it's not. There's still 2 more installations. If you're not using these, it would be best to delete the WP installs to ensure they don't get infected (or the entire domain if you're not using it at all). They are clean at the moment.
Also, this is the second time now that I've had to spend more than half an hour cleaning up your WP issues. If one of the remaining Wordpress installs gets hacked on your account, we're going to require a full reset without a backup, as it's not reasonable for me to keep cleaning this for you due to the amount of time it takes.
Unsuspended.