diff --git a/malware3.pl b/malware3.pl
index 4ca869e..07c2116 100644
--- a/malware3.pl
+++ b/malware3.pl
@@ -585,6 +585,7 @@ foreach my $file (sort @files) {
 next if $file eq 'membershipadmin.php';
 next if $file eq 'wppa-settings-autosave.php';
 next if $file eq 'wpGoogleMaps.php';
+ next if $file eq 'class-fscf-options.php';
 next if $file eq '*\.txt';
 next if $file eq '*\.rar';
 next if $file eq '*\.zip';
diff --git a/malware5.pl b/malware5.pl
index 54f39f8..f3c36a9 100644
--- a/malware5.pl
+++ b/malware5.pl
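Review bot: In malware3.pl the added `next if $file eq 'class-fscf-options.php';` exempts a file from scanning on its name alone, so every file carrying that name is skipped whatever its content or location (assuming `$file` is a bare filename, which the comparison suggests but the hunk does not show). An exemption for a known false positive is safer when it is tied to the expected plugin path and a known-good digest of the file, with a comment such as `# false positive: <plugin name>, signature <which one>` beside it. The neighbouring context lines `next if $file eq '*\.txt';` compare against a literal string and so look as if they never match; a suffix test like `next if $file =~ /\.(?:txt|rar|zip)\z/;` seems to be what was intended. The enclosing `foreach` loop starts and ends outside the hunk.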
@@ -90,7 +90,9 @@ my @regexen = (
 qr/<\?php\s+\$s\_pass\s+\=.+?\$s\_func\=\"cr\"\.\"eat\"\.\"e\_fun\"\.\"cti\"\.\"on\"\;\$b374k\=\@\$s\_func\(\'\$x\,\$y\'\,\'ev\'\.\'al\'\.\'\(\"\\\$\s\_pass\=\\\"\$y\\\"\;\?>\"\.gz\'\.\'inf\'\.\'late\'\.\'\(\s+bas\'\.\'e64\'\.\'\_de\'\.\'co\'\.\'de\(\$x\)\)\)\;\'\)\;\@\$b374k\(.+?\$s\_pass\)\;\?>/is,
 qr/\?php\s+if\(\s+isset\(\$\_REQUEST\[\"test\_url\"\]\)\s+\)\{\s+echo\s+\"file\s+test\s+okay\"\;.+?\$data\s+\=\s+base64\_decode\(.+?file\_put\_contents\(\"tivuser\.zip\"\,\$data\)\;.+?die\(\"([0-9]{1,20})\"\)\;\s+\}/is,
 qr/<\?php\s+\$([A-z0-9]{1,20})\s+\=\s+true\;\$([A-z0-9]{1,20})\s+\=\s+true\;\$([A-z0-9]{1,20})\s+\=\s+true\;\$([A-z0-9]{1,20})\s+\=.+?array\(.+?\$([A-z0-9]{1,20})\s+=\s+true\;\$([A-z0-9]{1,20})\s+\=\s+([A-z0-9]{1,20})\;\$([A-z0-9]{1,20})\s+\=\s+false\;\$([A-z0-9]{1,20})\s+\=\s+\"\"\;\$([A-z0-9]{1,20})\s+\=\s+true\;\$([A-z0-9]{1,20})\s+\=\s+true\;\$.+?\$([A-z0-9]{1,20})\s+\=\s+\"\"\;\s+\?>/is,
-
+ qr/<\?php\s+\$([A-z0-9]{1,20})\s+\=\s+array\(.+?\=\s+array\(\'ba\'\s+\,\'se\'\s+\,\'64\'\s+\,\'\_d\'\s+\,\'ec\'\s+\,\'od\'\s+\,\'e\'\)\;\s+\$.+?\=\s+array\(\'gzu\'\,\s+\'nco\'\,\s+\'mpr\'\,\s+\'ess\'\)\s+\;\$.+?eval\s+\(\s+\$.+?\)\s+\)\s+\)\s+\)\s+\;\s+\?>/is,
+ qr/<\?php\s+\$([A-z0-9]{1,20})\s+\=\s+array\(.+?\=\s+array\(\'b\'\s+\,\'a\'\s+\,\'s\'\s+\,\'e\'\s+\,\'6\'\s+\,\'4\'\s+\,\'\_\'\s+\,\'d\'\s+\,\'e\'\s+\,\'c\'\s+\,\'o\'\s+\,\'d\'\s+\,\'e\'\)\;\s+\$.+?\=\s+array\(\'gz\'\,\s+\'un\'\,\s+\'co\'\,\s+\'mp\'\,\s+\'re\'\,\s+\'ss\'\)\s+\;\$.+?eval\s+\(\s+\$.+?\)\s+\)\s+\)\s+\)\s+\;\s+\?>/is,
+
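Review bot: Both added signatures in malware5.pl use `[A-z0-9]` for the PHP variable name, and the range `A-z` also covers the punctuation between `Z` and `a` (`[`, `\`, `]`, `^`, `_` and the backtick); `\$[A-Za-z0-9_]{1,20}` states the intent, and the capture group can go if nothing reads it. The two entries differ only in how the `base64_decode` and `gzuncompress` names are chunked, and they require whitespace exactly where the sample had it (`\'ba\'\s+\,\'se\'`), so a variant with other chunking or spacing would need yet another entry; `\s*` around the commas and a comment above each entry naming the sample or family it was written from would make the list easier to maintain. Under `/s` the several unbounded `.+?` runs can stretch across unrelated PHP blocks in one file, so bounding them (for example `.{1,2000}?`) would limit false positives and backtracking on large files. The `@regexen` list starts and ends outside the hunk.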