Port Blocked After Malicious File Found on Wordpress


I run a woocommerce store website with my cousin. I checked the website today after several days and found it was not working. On checking I found out that host has blocked port. The exact message is this.


Outbound Port 80 443 587 and 465 for your account are BLOCKED


Host has found some malicious files. All of them are function.php files from each theme that I have installed.

My guess is that my stupid cousin installed some plugin which are not available on the wordpress site and they caused the issue. I have deleted all these plugins.

What should be my next step. Could somebody guide me? Should I delete these files or do a complete fresh installation? In such case