diff --git a/malware6.pl b/malware6.pl
index 08d40a1..2ac9ce0 100644
--- a/malware6.pl
+++ b/malware6.pl
@@ -376,7 +376,8 @@ my @regexen = (
     qr/<\?php\s+if\(isset\(\$_POST\[\'.+?\$b=base64_decode\(\$html\);\s+\}\s+if\(strlen\(\$b\)<300\)\{echo \'indexcode not ok\';exit;\};\s+if\(file_exists\(\$index\)\)\{\@chmod\(\$index,0755\);\@unlink\(\$index\);\}\@file_put_contents\(\$index,\$b\);echo \'ok\';\s+\}\s+\?>/is,
     qr/<\?php\s+\@session_start\(\);.+?\$default_use_ajax = true;\s+\$_F=__FILE__;\$_X=.+?eval\(base64_decode\(.+?\)\);\?>/is,
     qr/<\?php eval\(gzinflate\(gzinflate\(base64_decode\(\".+?\"\)\)\)\); \?>/is,
-    
+    qr/<\?php\s+error_reporting\(E_ERROR\);set_time_limit\(0\);\s+if\(isset\(\$_POST\[\'.+?\'\]\)\)\{\s+\$tofile=\'40\d\.php\';\s+\$a =base64_decode\(strtr\(\$_POST\[\'.+?\'\], \'-_,\', \'+\/=\'\)\);\s+\$a=\'<\?php \'\.\$a\.\'\?>\';\s+\@file_put_contents\(\$tofile,\$a\);\s+require_once\(\'40\d\.php\'\);\s+\@unlink\(\$tofile\);\s+exit;\s+\}\s+\?>/is,
+
    
     
 );
diff --git a/malwaresh.pl b/malwaresh.pl
index cd99d01..e111c57 100644
--- a/malwaresh.pl
+++ b/malwaresh.pl
@@ -1363,7 +1363,8 @@ my @regexen = (
     qr/<\?php\s+if\(isset\(\$_POST\[\'.+?\$b=base64_decode\(\$html\);\s+\}\s+if\(strlen\(\$b\)<300\)\{echo \'indexcode not ok\';exit;\};\s+if\(file_exists\(\$index\)\)\{\@chmod\(\$index,0755\);\@unlink\(\$index\);\}\@file_put_contents\(\$index,\$b\);echo \'ok\';\s+\}\s+\?>/is,
     qr/<\?php\s+\@session_start\(\);.+?\$default_use_ajax = true;\s+\$_F=__FILE__;\$_X=.+?eval\(base64_decode\(.+?\)\);\?>/is,
     qr/<\?php eval\(gzinflate\(gzinflate\(base64_decode\(\".+?\"\)\)\)\); \?>/is,
-    
+    qr/<\?php\s+error_reporting\(E_ERROR\);set_time_limit\(0\);\s+if\(isset\(\$_POST\[\'.+?\'\]\)\)\{\s+\$tofile=\'40\d\.php\';\s+\$a =base64_decode\(strtr\(\$_POST\[\'.+?\'\], \'-_,\', \'+\/=\'\)\);\s+\$a=\'<\?php \'\.\$a\.\'\?>\';\s+\@file_put_contents\(\$tofile,\$a\);\s+require_once\(\'40\d\.php\'\);\s+\@unlink\(\$tofile\);\s+exit;\s+\}\s+\?>/is,
+
 );
 
 my @base64_decodes = (