diff --git a/malware4.pl b/malware4.pl
index ebd6cd8..90d85e4 100644
--- a/malware4.pl
+++ b/malware4.pl
@@ -343,8 +343,12 @@ my @regexen = (
     qr/<\?php\s+if\(isset\(\$\_POST\[\"mailto\"\]\)\)\s+\$MailTo\s+\=\s+base64\_decode\(\$\_POST\[\"mailto\"\]\)\;\s+else.+?echo\s+\"sent\_ok\"\;\s+else\s+echo\s+\"sent\_error\"\;\s+\?>/is,
     qr/<script\s+type\=\"text\/javascript\">eval\(function\(p\,a\,c\,k\,e\,r\).+?script\|\|\|\|document\|defer\|google\_analytics\|yandexMetrix.+?start\|http\|window\|11\'\.split\(\'\|\'\)\,0\,\{\}\)\)<\/script>/is,
     qr/<\?php\s+\$([A-z0-9]{1,20})\s+\=\s+([A-z0-9]{1,20})\;\$GLOBALS\[\'([A-z0-9]{1,20})\'\]\s+\=\s+Array\(\)\;global\s+\$([A-z0-9]{1,20})\;\$([A-z0-9]{1,20})\s+\=\s+\$GLOBALS\;\$\{.+?\]\)\{eval\/\*([A-z0-9]{1,20})\*\/\(\$([A-z0-9]{1,20})\[\$([A-z0-9]{1,20})\[\'([A-z0-9]{1,20})\'\]\[([A-z0-9]{1,20})\]\]\)\;\}exit\(\)\;\}\s+\?>/is,
-    
-    
+    qr/<\?php\s+echo\s+([0-9]{1,20})\+([0-9]{1,20})\;\$([A-z0-9]{1,20})\_([A-z0-9]{1,20})\=base64\_decode\(.+?if\(\$\_POST\[base64\_decode\(.+?\)\)\]\[base64\_decode\(.+?\)\.\"\=\"\)\]\)\;\}\;\s+\?>/is,
+    qr/<html\s+oncontextmenu\=.+?CYBER\_LoW.+?width\=\"1\">\s+<\/html>/is,
+    qr/<html>\s+<head>.+?SemsexTheBg78.+?frameborder\=\"0\"\s+allowfullscreen>/is,
+    qr/<\!doctype\s+html>\s+<html>\s+<title>Vespa<\/title>.+?Hacked\s+By\s+Trihash.+?<\/html>/is,
+    qr/\"><input\s+type\=submit.+?\!function\_exists\(\"posix\_getpwuid\"\).+?<\/marquee><\/div>/is,
+        
 );
 
 my @base64_decodes = (