To clean Non-WordPress files and folders, we need to first scan them. For us, the cleaning process comes after scanning. 

By default, MalCare only scans WordPress files and folders but you can add non-WordPress files or folders using the following process:

Step 1: You need to first add your Non-WordPress Files and Folders to BlogVault Scanner, This article will help you -> How do I scan non-WordPress folders?

Step 2: Now after adding them to scanner open that Site Details page, and click on sync icon.

Step 6: Once the sync is complete, MalCare will tell you that your site is clean or hacked. In our case, the site is hacked.

Step 7: To see what files are infected, select the number that appears beside the term Ste Hacked.

Step 8: In the screenshot below, you can see the non-WordPress file called content-dashboard.php that we had added earlier. It's an infected file.

Step 9: Next, you have to clean the infected files. This article explains it in brief about how to clean your website using BlogVault. -> How to clean my website using BlogVault?

And that’s folks. Your website is now clean.