diff --git a/malware4.pl b/malware4.pl
index 0a04656..99f1f99 100644
--- a/malware4.pl
+++ b/malware4.pl
@@ -98,7 +98,7 @@ my @regexen = (
 qr/<\?php\s+if\(isset\(\$\_REQUEST\[\'xftest\'\]\)\)die\(pi\(\)\*6\).+?eval.+?exit\(\)\;\}\s+\?>/is,
 qr/<\?php\s+\@ini\_set\(\'display\_errors\'\,\s+\'0\'\)\;\s+error\_reporting\(0\)\;\s+\$skipme\s+\=\s+false\;\s+\$bad\_agents\s+\=\s+\'\~google.+?<\/script>\"\;\s+\}\s+\}\s+\}\s+\?>/is,
 qr/<\?php\s+if\/\*([A-z0-9]{1,20})\*\/\(isset\(\$\_REQUEST\[\'([A-z0-9]{1,20})\'\]\)\)\{eval\(\/\*([A-z0-9]{1,20})\*\/\$\_REQUEST\[\'([A-z0-9]{1,20})\'\]\)\/\*([A-z0-9]{1,20})\*\/\;exit\;\/\*([A-z0-9]{1,20})\*\/\}\?>/is,
-
+ qr/<\?php\s+if\s+\(isset\(\$\{\"\_REQ\"\.\"UEST\"\}\[\'([A-z0-9]{1,20})\'\]\)\)\{\$q\=\"asser\"\.\"t\"\;\$q\(\$\{\"\_REQUEST\"\}\[\'([A-z0-9]{1,20})\'\]\)\;exit\;\}/is,
 );
 my @base64_decodes = (
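Review bot: Both capture groups in the added `qr/…/is` line use `([A-z0-9]{1,20})`, and the range `A-z` also covers the six ASCII characters between `Z` and `a` (`[`, `\`, `]`, `^`, `_` and the backtick), so the parameter-name match is wider than the letters and digits it appears to intend; `([A-Za-z0-9_]{1,20})` keeps the underscore explicit and drops the rest. The signature on the context line directly above uses the same class, so the two are worth changing together. Unlike the three signatures before it, the new pattern ends at `exit\;\}` with no closing `\?>`, and nothing on the line says whether that is deliberate; a comment above it such as `# $q="asser"."t" stub on $_REQUEST; pattern intentionally stops at the closing brace` (if that is the intent) would record it. The `@regexen` list starts before this hunk, so whether a match is only reported or also stripped from the file cannot be checked from here.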