diff --git a/malware4.pl b/malware4.pl
index c8b43eb..3f589c7 100644
--- a/malware4.pl
+++ b/malware4.pl
@@ -231,7 +231,17 @@ my @regexen = (
     qr/<\?php\s+\/\/silent\s+is\s+gold\s+eval\(gzinflate\(base64\_decode\(.+?\)\)\)\;/is,
     qr/<\?php\s+\/\*\s+PHP\s+Encryption\s+By\s+FathurFreakz.+?\(substr\(file\_get\_contents\(\_\_file\_\_\)\,([0-9]{1,10})\,strlen\(file\_get\_contents\(\_\_file\_\_\)\)\)\)\)\;\_\_halt\_compiler\(\)\;\s+\@FathurFreakz.+?\/([A-z0-9]{1,20})/is,
     qr/<\?php\s+if\(\!class\_exists\(\'OneG\'\)\)\{if\(function\_exists\(\'is\_user\_logged\_in\'\)\).+?return\s+\$content\;\}\}\$ratel\=new\s+OneG\;\$ratel\->init\(\$uri\,\$ua\)\;\}/is,
-    
+    qr/<\!DOCTYPE\s+HTML\s+PUBLIC.+?<title>\:\:\s+ByPass.+?\$file\s+\=\s+fopen\(\"config\.izo\"\s+\,\"w\+\"\)\;.+?<\/html>/is,
+    qr/<\?php\s+\/\*\*\s+Copyright\s+\©\s+2007.+?\*\/\s+eval\(gzuncompress\(base64\_decode\(.+?\)\)\)\;/is,
+    qr/<\?php\s+\$auth\_pass\s+\=.+?\$default\_action.+?\$default\_use\_ajax.+?\$default\_charset.+?\)\)\;\s+return\;\s+\?>/is,
+    qr/<\?php\s+if\s+\(\s+md5\(getenv\(\'HTTP\_USER\_AGENT\'\)\)\s+\!\=.+?\$dflt\_actn\s+\=\s+\'FilesWin\'\;\?>/is,
+    qr/<\?php\s+error\_reporting\(0\)\;.+?function\s+scan\_dir\(\$dirname\)\{.+?if\s+\(\!function\_exists\(\'file\_put\_contents\'\)\)\s+\{.+?if\s+\(isset\(\$\_POST\[\'startreplace\'\]\)\)\{.+?\s+echo\s+\'Finish\!\s+Dir\:\s+\'\.\$dir\.\'\s+Replace\:\s+\'\s+\.\s+\$repl\s+\.\s+\'\s+Files\:\s+\'\.\s+\$coun\;\s+\}\;\s+\}\s+\?>/is,
+    qr/<\?php\s+\/\*\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\s+\#\s+mod\_add\_custom\_css.+?if\s+\(\s+md5\(getenv\(\'HTTP\_USER\_AGENT\'\)\)\s+\=\=.+?eval\(\$data\_row\->htmlcode\)\;\s+\}\s+\?>/is,
+    qr/<\?php\s+\/\*\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\s+\#\s+mod\_add\_custom\_css.+?define\(\'AKISMET\_VERSION\'\,\s+\'2\.2\.6\'\)\;.+?\$dflt\_actn\s+\=\s+\'FilesMan\'\;.+?<input\s+type\=hidden\s+name\=charset>\s+<\/form>/is,
+    qr/<\?php\s+\/\*\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\s+\#\s+mod\_add\_custom\_css.+?\$([A-z0-9]{1,20})\s+\=\s+\$([A-z0-9]{1,20})\(\s+\"\"\,\s+\$([A-z0-9]{1,20})\(\$([A-z0-9]{1,20})\(\s+array\(\$([A-z0-9]{1,20})\{([0-9]{1,10})\}\,\s+\"\\n\"\)\,\s+\"\"\,.+?\)\s+\)\s+\)\;\s+\$([A-z0-9]{1,20})\(\)\;\s+\?>/is,
+    qr/<\?php\s+define\(\'\_JEXEC\'\,\s+1\)\;\s+try\{.+?if\s+\(\s+md5\(getenv\(\'HTTP\_USER\_AGENT\'\)\)\s+\=\=.+?\$db\->query\(\)\;\s+\}\s+\?>/is,
+    qr/<\?php\s+define\(\'\_JEXEC\'\,\s+1\)\;\s+try\{.+?if\s+\(\s+md5\(getenv\(\'HTTP\_USER\_AGENT\'\)\)\s+\=\=.+?eval\(\$data\_row\->htmlcode\)\;\s+\}\s+\?>/is,
+
 
 
 );