Is there an advantage to erasing the contents versus deleting?
No, there is no advantage.
Depending on how the malware was injected in the first place, leaving the empty files in their current location may be a good idea. I have seen some malware try to check if the website was already infected to reduce the work time. Some of them do this by checking if the files exist, if yes then the re-infection is skipped.
However, I have also seen other type of malware that also checks the size of the files, because they are now empty it will trigger the reinfection. Even leaving some random content inside those files may not work at all because other type of malware also checks the hash of the file, to verify if the malicious code is correct.
Should I now go ahead and delete these files?
This is a matter of personal choice. If you decide to leave them there, consider to also remove all permissions (read, write, execution) so they cannot be checked, overwritten or executed respectively. Just remember to patch whatever security hole allowed the infection in the first place.
@bemsertanejo the ticket was marked as resolved after I answered the questions from the original poster in my previous comment. Please read that comment and let me know if you don’t understand something so I can explain it with more details.
Be aware that this forum doesn’t offers any assistance with regards to a malware infection, only if you notice an inconsistency with the information provided by the plugin. To clean your website, I suggest you to contact your hosting provider to solve the problem on their end, or hire a security firm to do a clean up.
Anything else, feel free to ask.
