diff --git a/malware4.pl b/malware4.pl
index 0a83ee3..20d3d6c 100644
--- a/malware4.pl
+++ b/malware4.pl
@@ -261,6 +261,9 @@ my @regexen = (
     qr/<\?php\s+eval\(\"\?>\"\s+\.\s+base64\_decode\(\".+?\"\)\)\;\s+\?>\s+<\?php\s+\/\*a\,b\,c.+?\*\/\s+\?>/is,
     qr/<\?php\s+\$o\=\"([A-z0-9]{1,20}).+?\"\;eval\(base64\_decode\(\".+?\)\)\;return\;\?>/is,
     qr/<\?php\s+error\_reporting\s+\(0\)\;.+?if\s+\(array\_key\_exists\s+\(\'delete\'\,\s+\$\_REQUEST\)\).+?\$domains\s+\=\s+get\_user\_domains\s+\(\)\;.+?return\s+join\(\'\.\'\,\s+\$arr\)\;\s+\}\s+\?>/is,
+    qr/<\?php.+?\$me\s+\=\s+basename\(\_\_FILE\_\_\)\;.+?\}\s+function\s+reload\(\)\{header\(\"Location\:\s+\"\.basename\(\_\_FILE\_\_\)\)\;\}.+?\'\.\'\)\;\?>/is,
+    qr/<\?php\s+\$([A-z0-9]{1,20})\=\'.+?if\(\$([A-z0-9]{1,20})\(\$([A-z0-9]{1,20})\(\$([A-z0-9]{1,20})\(\$([A-z0-9]{1,20})\.\/\*([A-z0-9]{1,20})\'\..+?exit\;\$([A-z0-9]{1,20})\(\$([A-z0-9]{1,20})\(\$.+?\(\/\*([A-z0-9]{1,20})\'\..+?false\,\$([A-z0-9]{1,20}).+?([A-z0-9]{1,20})\'\;/is,
+    qr/<\?php\s+error\_reporting\(0\)\;\s+if\(isset\(\$\_REQUEST\[\"start\"\]\)\s+\&\&\s+md5\(\$\_REQUEST\[\"start\"\]\)\s+\=\=\s+\'([A-z0-9]{32})\'\s+\&\&\s+isset\(\$\_REQUEST\[\"stort\"\]\)\)\s+eval\(base64\_decode\(\$\_REQUEST\[\"stort\"\]\)\)\;\?>/is,