I have some knowledge. Yesterday I've searched eval and base64_decode functions in the code, that are malicious. Tell one function in one file that tracks, it will be useful to find other.
You have created so many topics about what you need. Nobody cares what you need. Just tell, what you can share, after that, maybe, somebody will share something for you )