Repair structure and remove trojan horses etc on two smal prestashops on same webhot

We have 2 small webshops - kids2crazy.com and ani-event.dk at same webhotel (At the moment very little sale / activity)
A month ago, I wanted to make a normal “1click-upgrade” at kids2crazy to latest version, but I ran into problems, maybe because of the Leo Theme we use. Result after the normal upgrade procedure was a 500 error and the site were not accessible. Anyway, our hoster Azehosting.net tried to fix the problem, by overwriting the modules they thought caused the problem with similar from a downloaded fresh Prestashop, and also the site looked ok again. But we obviously did not check properly, because…
Yesterday my son, who is taking over, wanted to work on with the shop, but it seems that some of the structures has been corrupted. You can access the backend, but you cannot go into "Catalogue" and “modules”
At the same time we have experienced hacking and phishing on our main site ani-event.dk This has been closed by our hoster azehosting.net
As both sites are on same domain / webhotel, we have yesterday upgraded to a new structure, so that each domain later will have its own cPanel. However the hoster cannot do this until the virus / malware has been removed totally. But you have all Cpanel tools accessible now.
Azehosting does provide some virus tools, but they are, unfortunately of no use.
So, what I´d like you to give an estimate price on is:

Job description:
In short: To remove hacker-attack / phishing on our two websites. Fixe broken structure (after upgrade attempt) on ani-event.dk

For both sites: Webhotel: Azehosting.net - Use Cpanel.

Kids2crazy.com
Tech info: Prestashop 1.7X (Structure broken after trying to make versionupdate.)
Is based on a Leo Theme. Has no other additional modules beside paymodule (quickpay and Paypal)
1. Fix broken structure. Cannot access products and Catalogues. We made a simple versionupdate, which resulted in a 500 error. Our webhoster overwrote the prestashop-folders they thought was the problem and the frontend worked again. However in backend we can not acces “Cataloque” and “Modules”.
2. Analyze for malware / trojan horses and other viruses. Remove this.
Maybe - (suggested from our hoster): Delete module-folders (containing malware) in Prestashop and replace with same folders with new original downloaded folders from module-supplier. (However this will properly cause some resetting in certain modules, and I´m not sure this will eliminate the attack completely .. I´m actually not sure it will work at all)
3. Make the website a “secure connection” At Azehosting “secure connection are a ready / paid option”
4. Upgrade Prestahop and Leotheme to latest version.
5. Make “Paypal payment work again” (Did get corrupted also after an update of the Paypal module in June.
6. Look at the vulnerabilities at our two sites and suggest and maybe implement “anti hacking / virus” solutions

Ani-event.dk
Has worked well, but has been closed last week by our webhoster due to phishing attack.
Tech info. Prestashop 1.6X
1. Analyze for malware / trojan horses and other viruses. Has been detected.. se report). Same remarks as for kids2crazy (not sure overwriting infected folder will help)
2. Make the website a “secure connection” at Azehosting “secure connection are a ready / paid option”
3. Upgrade Prestahop and third part modules “bamegamenu plugin” to latest version.
4. Look at the vulnerabilities at our two sites and suggest and maybe implement “anti hacking / virus” solutions

Access information:
Comes later: