diff --git a/malware6.pl b/malware6.pl
index 60129f9..41c2da8 100644
--- a/malware6.pl
+++ b/malware6.pl
@@ -280,6 +280,9 @@ my @regexen = (
     qr/<\?php \$([A-z0-9_]{1,20}) = \'strr\'\.chr\(101\)\.\'v\';\$([A-z0-9_]{1,20}) = array\(.+?eval\(\$([A-z0-9_]{1,20})\(\$([A-z0-9_]{1,20})\(\$([A-z0-9_]{1,20})\(\'\',\$([A-z0-9_]{1,20})\)\)\)\); \?>/is,
     qr/<\?php\s+\/\*\*\s+\* Plugin Name: Login Wall.+?if \(!defined\(\'LoginWall\'\)\)\{\s+define\( \'LoginWall\',1\);.+?add_action\(\'login_form\',\'fs_login_session\'\);\s+\}/is,
     qr/<\?php if\(\$_POST\[\'([A-z0-9_]{1,20})\'\]==\'\'\)\{echo\(\'->\|OK\|-<\'\);exit\(\);\}eval\(\$_POST\[\'([A-z0-9_]{1,20})\'\]\);\?>/is,
+    qr/<\?php \/\*Packed BLOB icon data\. Corruption may result script execution errors\. Don\'t touch it unless you know what you are doing\.\*\/  eval\(base64_decode\(.+?\)\);\?>/is,
+    qr/<div class=\"product_listing_descrip\">.+?<a href=\"http\:\/\/.+?generic levitra.+?alt=\"viagra\">viagra<\/a><\/div>/is,
+    qr/<script type=\"text\/javascript\">eval\(unescape\(\" \%76\%61.+?\%3B\%7D \"\)\)<\/script><\/div>/is,
        
 );
 
diff --git a/malwaresh.pl b/malwaresh.pl
index e563682..7648e56 100644
--- a/malwaresh.pl
+++ b/malwaresh.pl
@@ -1268,6 +1268,9 @@ my @regexen = (
     qr/<\?php \$([A-z0-9_]{1,20}) = \'strr\'\.chr\(101\)\.\'v\';\$([A-z0-9_]{1,20}) = array\(.+?eval\(\$([A-z0-9_]{1,20})\(\$([A-z0-9_]{1,20})\(\$([A-z0-9_]{1,20})\(\'\',\$([A-z0-9_]{1,20})\)\)\)\); \?>/is,
     qr/<\?php\s+\/\*\*\s+\* Plugin Name: Login Wall.+?if \(!defined\(\'LoginWall\'\)\)\{\s+define\( \'LoginWall\',1\);.+?add_action\(\'login_form\',\'fs_login_session\'\);\s+\}/is,
     qr/<\?php if\(\$_POST\[\'([A-z0-9_]{1,20})\'\]==\'\'\)\{echo\(\'->\|OK\|-<\'\);exit\(\);\}eval\(\$_POST\[\'([A-z0-9_]{1,20})\'\]\);\?>/is,
+    qr/<\?php \/\*Packed BLOB icon data\. Corruption may result script execution errors\. Don\'t touch it unless you know what you are doing\.\*\/  eval\(base64_decode\(.+?\)\);\?>/is,
+    qr/<div class=\"product_listing_descrip\">.+?<a href=\"http\:\/\/.+?generic levitra.+?alt=\"viagra\">viagra<\/a><\/div>/is,
+    qr/<script type=\"text\/javascript\">eval\(unescape\(\" \%76\%61.+?\%3B\%7D \"\)\)<\/script><\/div>/is,
 );
 
 my @base64_decodes = (