I have added this threat to my definition updates so that it can now be automatically removed.
With the kinds of trouble that you have had with the scan not completing and now the read errors, I would guess that the memory_limit in your php.ini file is set too low. Ask you hosting provider if you need help finding or changing the memory_limit on your server.
You also need to find the error_log files on your server. Those will tell you a log about the cause of these problems.
There must be something malicious remaining on the server that is rewriting that infection. You need to be able to run the Complete Scan.
Can you open the error Console in your browser’s Inspector and send me a screenshot of the Complete Scan when it gets stuck?
You can also check the error_log files on the server to see if there is anything that might indicate why the complete scan is not able to complete.
What site is this error on?
That issue is with your site’s configuration on the server not specifically with my plugin. First you need to fix the bug that is causing this error, then you can try the complete scan again.
Can you send me the error_log file so that I can try to help you pin down the root cause of this issue?
Thanks for posting this info but I think I just got this issue resolved. Another user had the exact same problem and they sent me access to that file so that I could see what went wrong. I have already just now released a new definition update that fixes this issue so that the whole threat will be removed from your wp-config.php file in future scans. Please update the definitions and let me know if you have any more problems with removing this threat.
This could be a permission issue, or script timeout, or even a memory_limit. The only way to be sure is to check you error_log files when after you get these errors to see what PHP logs as the cause of the issue.
Try adding the word cache to the list of directories to be skipped and see if it will complete the scan then.
You could also check the error_log files on your server to see if it will tell you why it was unable to scan that directory.
When the files are cleaned the malicious content is removed from the file but the file is not deleted, and a backup copy of the infected file (prior to the cleaning) is saved as a custom post type in your database for your review or further study. The backup records can be viewed and deleted from the Quarantine page and you can purge them from the database when you are done cleaning up the site and are sure that you will have no further need of these records.
Thanks for sending me this new variant. I have added this version to my definition updates. Please download the latest definition update and let me know if it still doesn’t get them all 
Thanks for the follow-up and for sending me those files to look at
I verified that none of those files contain any malicious code and specifically that all the code in the failes that were found by that other plugin are False Positives.
I don’t know much about that Shield Security plugin, and I cannot say for sure if any of these are real threats or just false positives, but it looks to me like these files have been flagged by that other plugin for string matches that could could easily have reasonable explanations and benign uses.
If you would like to email these files directly to me then I would be willing to confirm for you that they are clean.
Did you find this code in your DB?
I checked it against my current definition and it should be found by my DB Scan.
If this code is found in a file then please send me this file so that I can recheck it.
I have fixed the issue with non-secure sites being redirected to HTTPS and thus not passing the registration info. Please try again and let me know if it’s still not working for you.
There is and “Email Eli” link on the Anti-Malware Settings page in your wp-admin, or you can reply directly to and email notices that you receive from my site (like this one you got when I replied ; )
You can always email me directly with screenshots any other personal information that you don’t want to post here.
