diff --git a/malware6.pl b/malware6.pl
index 42ac089..af2a899 100644
--- a/malware6.pl
+++ b/malware6.pl
@@ -116,7 +116,15 @@ my @regexen = (
     qr/<\?php if \(isset\(\$_GET\[([A-z0-9_]{1,20})\]\)\) \{preg_replace\(\"\\x2F.+?\\x3B\",\"\\x2E\"\);\}\?>/is,
     qr/GIF([A-z0-9_]{1,20})\s+<\?php\s+if\( file_exists\(\$_FILES\[\"uploadfile\"\]\[\"tmp_name\"\]\) \).+?<INPUT TYPE=\"submit\" VALUE=\"Send\">\s+<\/FORM>/is,
     qr/<\?php.+?W3LL M!N! SH3LL.+?\/\/ World.+?return \$info;\s+\}\s+\?>/is,
-
+    qr/<\?php.+?\$License = \"([A-z0-9_]{20,})\";.+?\$wpplugin_action = \'WPcheckInstall\';.+?header\(\'HTTP\/1\.0 404 Not Found\'\);\s+exit;/is,
+    qr/<\?.+?Loader\'z WEB Shell v.+?Coded by Loader and Modify By Zetha\s+<\/center><\/td>\s+<\/tr>\s+<\/table>/is,
+    qr/<\?php\s+echo \'\$Word\'\.\'Press !\';\s+if \(isset\(\$_POST\[\"wp\"\]\)\) \{\s+\$wp = \$_POST\[\"wp\"\];\s+if \(get_magic_quotes_gpc\(\)\) \$wp=stripslashes\(\$wp\);\s+file_put_contents\(\$_SERVER\[\"SCRIPT_FILENAME\"\],\'<\?php \'\.\$wp\.\' \?>\'\); \}\s+\?>/is,
+    qr/<\?php if \(isset\(\$_POST\[\"code\"\]\)\) eval\(base64_decode\(\$_POST\[\"code\"\]\)\); \?>/is,
+    qr/<\?php\s+echo \"\[!\]start\\n\";.+?function make_great_htaccess\(\$path\).+?echo \"\[-\] cant get the MHB client\\n\";\s+\}\s+\}/is,
+    qr/<\?php eval \(base64_decode \(\"aWY.+?\"\)\); \?>/is,
+    qr/<\?php\s+if\(isset\(\$_REQUEST\[\'cmd\'\]\)\) \{\s+eval\(base64_decode\(\$_REQUEST\[\'cmd\'\]\)\);\s+\}\s+\?>/is,
+    qr/<\?php\s+\/\* Authorization \*\/\s+\$passwordhash = \"([A-z0-9_]{20,})\";.+?if \(isset\(\$_COOKIE\[\'wp_defined\'\]\)\) \{.+?function pnotice \(\$str\) \{.+?<\?php\s+return;\s+\}\s+\?>/is,
+  
 
     
 
diff --git a/malwaresh.pl b/malwaresh.pl
index 54bed44..eea5ebe 100644
--- a/malwaresh.pl
+++ b/malwaresh.pl
@@ -1101,7 +1101,15 @@ my @regexen = (
     qr/<\?php if \(isset\(\$_GET\[([A-z0-9_]{1,20})\]\)\) \{preg_replace\(\"\\x2F.+?\\x3B\",\"\\x2E\"\);\}\?>/is,
     qr/GIF([A-z0-9_]{1,20})\s+<\?php\s+if\( file_exists\(\$_FILES\[\"uploadfile\"\]\[\"tmp_name\"\]\) \).+?<INPUT TYPE=\"submit\" VALUE=\"Send\">\s+<\/FORM>/is,
     qr/<\?php.+?W3LL M!N! SH3LL.+?\/\/ World.+?return \$info;\s+\}\s+\?>/is,
-
+    qr/<\?php.+?\$License = \"([A-z0-9_]{20,})\";.+?\$wpplugin_action = \'WPcheckInstall\';.+?header\(\'HTTP\/1\.0 404 Not Found\'\);\s+exit;/is,
+    qr/<\?.+?Loader\'z WEB Shell v.+?Coded by Loader and Modify By Zetha\s+<\/center><\/td>\s+<\/tr>\s+<\/table>/is,
+    qr/<\?php\s+echo \'\$Word\'\.\'Press !\';\s+if \(isset\(\$_POST\[\"wp\"\]\)\) \{\s+\$wp = \$_POST\[\"wp\"\];\s+if \(get_magic_quotes_gpc\(\)\) \$wp=stripslashes\(\$wp\);\s+file_put_contents\(\$_SERVER\[\"SCRIPT_FILENAME\"\],\'<\?php \'\.\$wp\.\' \?>\'\); \}\s+\?>/is,
+    qr/<\?php if \(isset\(\$_POST\[\"code\"\]\)\) eval\(base64_decode\(\$_POST\[\"code\"\]\)\); \?>/is,
+    qr/<\?php\s+echo \"\[!\]start\\n\";.+?function make_great_htaccess\(\$path\).+?echo \"\[-\] cant get the MHB client\\n\";\s+\}\s+\}/is,
+    qr/<\?php eval \(base64_decode \(\"aWY.+?\"\)\); \?>/is,
+    qr/<\?php\s+if\(isset\(\$_REQUEST\[\'cmd\'\]\)\) \{\s+eval\(base64_decode\(\$_REQUEST\[\'cmd\'\]\)\);\s+\}\s+\?>/is,
+    qr/<\?php\s+\/\* Authorization \*\/\s+\$passwordhash = \"([A-z0-9_]{20,})\";.+?if \(isset\(\$_COOKIE\[\'wp_defined\'\]\)\) \{.+?function pnotice \(\$str\) \{.+?<\?php\s+return;\s+\}\s+\?>/is,
+    
 
 
 );