diff --git a/malware6.pl b/malware6.pl
index d5a98aa..c63fd2b 100644
--- a/malware6.pl
+++ b/malware6.pl
@@ -308,7 +308,15 @@ my @regexen = ( qr/<\?php \$([A-z0-9_]{1,20}) = \".+?function ([A-z0-9_]{1,30})\(\$\w,\$\w,\$\w\)\{return \$\w\.\$\w\.\$\w;\}\$.+?\(\"o\\x64e\",chr\(40\),\"\"\);\$.+?\"\.\$([A-z0-9_]{1,20});\$([A-z0-9_]{1,20})\(\'\', \'\}\'\.\$([A-z0-9_]{1,20})\.\'\/\/\'\);\s+\?>/is, qr/<\?php function ([A-z0-9_]{1,30})\(\$\w,\$\w,\$\w\)\{return \$\w\.\$\w\.\$\w;\}\$.+?\(\"\\x65va\",chr\(108\),\"\"\.chr\(40\)\);\$.+?\"\.\$([A-z0-9_]{1,20});\$([A-z0-9_]{1,20})\(\'\', \'\}\'\.\$([A-z0-9_]{1,20})\.\'\/\/\'\);/is, qr/<\?php\s+if\(isset\(\$_POST\[\'([A-z0-9_]{1,30})\'\]\)\)\{\s+\$index=\$_SERVER\[\'DOCUMENT_ROOT\'\]\.base64_decode\(strtr\(\$_POST\[\'filename\'\],\'\-\_,\',\'\+\/=\'\)\);.+?if\(strlen\(\$\w\)<300\)\{echo \'indexcode is null\';exit;\}\s+if\(file_exists\(\$index\)\)\{\@chmod\(\$index,0755\);\@unlink\(\$index\);\}\@file_put_contents\(\$index,\$\w\);echo \'ok\';\s+\}\s+\?>/is, - + qr/\*\/ \@ini_set\(\'display_errors\',\'off\'\); \@ini_set\(\'log_errors\',0\); \@ini_set\(\'error_log\',NULL\);.+?\$not_found_report = strrev \(.+?\$not_found_page\.\'\"><\/script><\/noindex><\/nofollow>\';\} \?><\?php \/\*/is, + qr/<\?php.+?\$lyrics3size\s+= strrev\(substr\(strrev\(\$lyrics3_id3v1\), 9, 6\)\) + 6 + strlen\(\'LYRICS200\'\);.+?public function IntString2Bool\(\$char\) \{.+?\} \*\//is, + qr/<\?php\s+\/\*\*\s+\* SimplePie.+?if\(\!is_function_enabled\(\'base64_decode\'\)\)\{\$errors\.=\"I_have_problem_with_base64_decode\\t\";\$errorsforlocal\.=.+?\}\s+\} \*\//is, + qr/<\?php if\(isset\(\$_POST\[\"([A-z0-9_]{1,20})\"\]\)\)\{eval\(stripslashes\(\$_POST\[\"([A-z0-9_]{1,20})\"\]\)\);exit;\}; \?>/is, + qr/\*\/\s+\@\$wordpress404=\"e\\x76.+?\$wordpress401\(\$wp\[30\]\.\$wp\[31\]\.\$wp\[27\]\.\$wp\[30\]\.\$wp\[4\],\$wordpress404,\"\"\);\s+\/\*/is, + 
qr/<\?php.+?if\(empty\(\$_GET\[\'ineedthispage\'\]\)\)\{ini_set\(\'display_errors\',\"Off\"\);ignore_user_abort\(1\);\$.+?if\(\!empty\(\$_COOKIE\[\'PHPSSIDDD2\'\]\)\)\{\$.+?\)\];\}return\$([A-z0-9_]{1,20});\};\s+\/\/item->alias\s+\?>/is, + qr/if\(isset\(\$_REQUEST\[\'bot\'\]\)\) assert\(stripslashes\(\$_REQUEST\[bot\]\)\);/is, + + diff --git a/malwaresh.pl b/malwaresh.pl index c650472..c803034 100644 --- a/malwaresh.pl +++ b/malwaresh.pl 
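Review bot: Three of the added signatures (the `$lyrics3size`, `SimplePie` and `ineedthispage` entries) open with `<\?php.+?` under `/s`, so a match starts at the first `<?php` in the scanned text and stretches lazily to the marker, taking in any unrelated code in between; the same entries are added in the malwaresh.pl hunk. The code that consumes `@regexen` is outside this hunk, but if matched text is stripped from the file this could remove legitimate code, and the unbounded gaps are slow on large inputs. Consider bounding the gaps, for example `<\?php.{1,2000}?\$lyrics3size` (the limit is illustrative and should be tuned against real samples). Separately, `[A-z0-9_]` in the new `$_POST` and `ineedthispage` entries also admits the punctuation that sits between `Z` and `a` in ASCII; if only identifier characters are meant, `[A-Za-z0-9_]` says so explicitly.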
@@ -1293,8 +1293,16 @@ my @regexen = ( qr/<\?php\s+error_reporting\(E_ERROR\);set_time_limit\(0\);\s+if\(isset\(\$_POST\[\'([A-z0-9_]{1,20})\'\]\)\)\{\s+\$tofile=\'40\d\.php\';\s+\$([A-z0-9_]{1,20}) =base64_decode\(strtr\(\$_POST\[\'([A-z0-9_]{1,20})\'\], \'\-\_,\', \'\+\/=\'\)\);\s+\$([A-z0-9_]{1,20})=\'<\?php \'\.\$([A-z0-9_]{1,20})\.\'\?>\';\s+\@file_put_contents\(\$tofile,\$([A-z0-9_]{1,20})\);\s+require_once\(\'40\d\.php\'\);\s+\@unlink\(\$tofile\);\s+exit;\s+\}\s+\?>/is, qr/<\?php \/\*([A-z0-9_]{1,20})\*\/ \?>/is, qr/<\?php \$([A-z0-9_]{1,20}) = \".+?function ([A-z0-9_]{1,30})\(\$\w,\$\w,\$\w\)\{return \$\w\.\$\w\.\$\w;\}\$.+?\(\"o\\x64e\",chr\(40\),\"\"\);\$.+?\"\.\$([A-z0-9_]{1,20});\$([A-z0-9_]{1,20})\(\'\', \'\}\'\.\$([A-z0-9_]{1,20})\.\'\/\/\'\);\s+\?>/is, - qr/<\?php function ([A-z0-9_]{1,30})\(\$\w,\$\w,\$\w\)\{return \$\w\.\$\w\.\$\w;\}\$.+?\(\"\\x65va\",chr\(108\),\"\"\.chr\(40\)\);\$.+?\"\.\$([A-z0-9_]{1,20});\$([A-z0-9_]{1,20})\(\'\', \'\}\'\.\$([A-z0-9_]{1,20})\.\'\/\/\'\);/is, + qr/<\?php function ([A-z0-9_]{1,30})\(\$\w,\$\w,\$\w\)\{return \$\w\.\$\w\.\$\w;\}\$.+?\(\"\\x65va\",chr\(108\),\"\"\.chr\(40\)\);\$.+?\'\"\.\$([A-z0-9_]{1,20});\$([A-z0-9_]{1,20})\(\'\', \'\}\'\.\$([A-z0-9_]{1,20})\.\'\/\/\'\);/is, qr/<\?php\s+if\(isset\(\$_POST\[\'([A-z0-9_]{1,30})\'\]\)\)\{\s+\$index=\$_SERVER\[\'DOCUMENT_ROOT\'\]\.base64_decode\(strtr\(\$_POST\[\'filename\'\],\'\-\_,\',\'\+\/=\'\)\);.+?if\(strlen\(\$\w\)<300\)\{echo \'indexcode is null\';exit;\}\s+if\(file_exists\(\$index\)\)\{\@chmod\(\$index,0755\);\@unlink\(\$index\);\}\@file_put_contents\(\$index,\$\w\);echo \'ok\';\s+\}\s+\?>/is, + qr/\*\/ \@ini_set\(\'display_errors\',\'off\'\); \@ini_set\(\'log_errors\',0\); \@ini_set\(\'error_log\',NULL\);.+?\$not_found_report = strrev \(.+?\$not_found_page\.\'\"><\/script><\/noindex><\/nofollow>\';\} \?><\?php \/\*/is, + qr/<\?php.+?\$lyrics3size\s+= strrev\(substr\(strrev\(\$lyrics3_id3v1\), 9, 6\)\) + 6 + strlen\(\'LYRICS200\'\);.+?public function 
IntString2Bool\(\$char\) \{.+?\} \*\//is, + qr/<\?php\s+\/\*\*\s+\* SimplePie.+?if\(\!is_function_enabled\(\'base64_decode\'\)\)\{\$errors\.=\"I_have_problem_with_base64_decode\\t\";\$errorsforlocal\.=.+?\}\s+\} \*\//is, + qr/<\?php if\(isset\(\$_POST\[\"([A-z0-9_]{1,20})\"\]\)\)\{eval\(stripslashes\(\$_POST\[\"([A-z0-9_]{1,20})\"\]\)\);exit;\}; \?>/is, + qr/\*\/\s+\@\$wordpress404=\"e\\x76.+?\$wordpress401\(\$wp\[30\]\.\$wp\[31\]\.\$wp\[27\]\.\$wp\[30\]\.\$wp\[4\],\$wordpress404,\"\"\);\s+\/\*/is, + qr/<\?php.+?if\(empty\(\$_GET\[\'ineedthispage\'\]\)\)\{ini_set\(\'display_errors\',\"Off\"\);ignore_user_abort\(1\);\$.+?if\(\!empty\(\$_COOKIE\[\'PHPSSIDDD2\'\]\)\)\{\$.+?\)\];\}return\$([A-z0-9_]{1,20});\};\s+\/\/item->alias\s+\?>/is, + qr/if\(isset\(\$_REQUEST\[\'bot\'\]\)\) assert\(stripslashes\(\$_REQUEST\[bot\]\)\);/is, + );
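Review bot: The rewritten `\x65va` signature changes `\$.+?\"\.\$` to `\$.+?\'\"\.\$`, which only narrows it: the lazy `.+?` could already absorb a `'` before the `"`, so the old form matched the quoted variant too, and the new form drops samples without the quote. The copy of this signature in malware6.pl (a context line in that file's hunk) keeps the old form, so the two lists now disagree. If the narrowing is deliberate, a comment such as `# require '" before the concatenation: <reason>` would record why, and malware6.pl should get the same change; otherwise the old line can stay. The seven added entries are also duplicated verbatim across both files, so loading the shared signatures from one module would keep the lists from drifting apart. The `@regexen` array begins outside this hunk.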