Cloning, as it applies to fix wordpress malware cleanup, is the act of creating an exact replica of your WordPress install. What is good is that you can do it. There are a number of reasons why you might want to do this. Here are only a few.
You can search for software that will backup your files and database. If your site is hacked by hackers, you can restore your site with the use of your backup files and change everything that must be changed.
You also need to place the"Anyone Can Register" in Settings/General to view website off, and you ought to have some sort of spam plugin. Akismet is the one I use, the old standby, but there are lots of them nowadays.
Now we are getting into matters. Whenever you install WordPress, you have to edit the document config-sample.php and rename it to config.php. You want to set up the database information there.
Do not use wp_. Most web hosting providers are currently eliminating that default now but if yours does not, fix wp_ to anything else but that.