diff --git a/malware4.pl b/malware4.pl
index da95061..0a83ee3 100644
--- a/malware4.pl
+++ b/malware4.pl
@@ -259,6 +259,10 @@ my @regexen = (
     qr/\"\s+\.\s+base64\_decode\(\"\'\.\$wp\_code\.\'\"\)\)\;\s+\?>\'\;\s+\$wp\_dec\_file\s+\=\s+base64\_decode\(\$wp\_code\)\;.+?\/\/print\s+PLATFORM\;\s+\/\/print\_r\(\$all\_dirs\)\;\s+\?>/is,
     qr/<\?php\s+class\s+ControllerProductDesign\s+\{.+?\$this\->muf\=\$this\->dispatch\(\'GIF89alxWam9FZlRWYvxGc19VZ29Wb\'\)\;.+?\$model\->\_continue\(\'done\'\)\;\s+\}/is,
     qr/<\?php\s+eval\(\"\?>\"\s+\.\s+base64\_decode\(\".+?\"\)\)\;\s+\?>\s+<\?php\s+\/\*a\,b\,c.+?\*\/\s+\?>/is,
+    qr/<\?php\s+\$o\=\"([A-z0-9]{1,20}).+?\"\;eval\(base64\_decode\(\".+?\)\)\;return\;\?>/is,
+    qr/<\?php\s+error\_reporting\s+\(0\)\;.+?if\s+\(array\_key\_exists\s+\(\'delete\'\,\s+\$\_REQUEST\)\).+?\$domains\s+\=\s+get\_user\_domains\s+\(\)\;.+?return\s+join\(\'\.\'\,\s+\$arr\)\;\s+\}\s+\?>/is,
+    
+
 
 
 );