diff --git a/scan.php b/scan.php
index 478677e..c229560 100644
--- a/scan.php
+++ b/scan.php
@@ -161,6 +161,7 @@ class MalwareScanner
             '\x65\x76\x61\x6C' /* case, dec/hex issue? */,
             'ZXZhbCg', // eval
             "'ev'.'al'.'",
+            '/eval\s*\(/i',
 
             'eval(base64_decode(',
             '\x47\x4c\x4f\x42\x41LS', // GLOBALS
@@ -175,31 +176,27 @@ class MalwareScanner
             /* too open? */
             // 'gzinflate(base64_decode(',
             'md5($_GET[', // md5($_GET["ms-load"])
-	    'sendMail',
-	    'echo "ok-ok"',
-	    '/ShellBOT/i',
-	    '/YW55cmVzdWx0cy5uZXQ=/i',
-	    '/eval\s*\(/i',
-	    '/base64_decode\s*\(/i',
-	    '/str_rot13/i',
-	    '/uudecode/i',
-	    '/preg_replace',
-	    'bgeteam',
-	    'DisablePHP=',
-	    '=urldecode',
-	    'moban.html',
-	    '<?php eval',
-	    '$data = base64_decode("',
-
-	    'a,b,c,d,e,f,g',
+    	    '/ShellBOT/i',
+    	    '/YW55cmVzdWx0cy5uZXQ=/i',
+    	    '/base64_decode\s*\(/i',
+    	    '/str_rot13/i',
+    	    '/uudecode/i',
+    	    '/preg_replace',
+    	    'bgeteam',
+    	    'DisablePHP=',
+    	    '=urldecode',
+    	    'moban.html',
+    	    '<?php eval',
+    	    '$data = base64_decode("',
+    	    'a,b,c,d,e,f,g',
             ' freetellafriend.com',
             'SHELL_PASSWORD',
-	    'curl_get_from_webpage',
-		'base=base64_encode',
-		'@x0powo',
-		'@preg_replace',
-		'1@1.com',
-		'META http-equiv="refresh" content="0;',
+    	    'curl_get_from_webpage',
+    		'base=base64_encode',
+    		'@x0powo',
+    		'@preg_replace',
+    		'1@1.com',
+    		'META http-equiv="refresh" content="0;',
             '="create_";global'
         );
            if ($this->ExtraCheck) {