diff --git a/malware5.pl b/malware5.pl
index 2f5af34..ca39498 100644
--- a/malware5.pl
+++ b/malware5.pl
@@ -431,12 +431,13 @@ my @regexen = (
 qr/<\?\$sInjectPHP\s+\=\s+\"/is,
 qr/<\/iframe>/is,
 qr/<\?\s+\@include\s+\$\_GET\[\"([A-z0-9]{1,20})\"\]\;\s+\?>/is,
- qr/<\?php\s+\@include\(\"http\:\/\/.+?(r57|c99)\;\"\)\;\s+\?>/is,
+ qr/<\?php\s+\@include\(\"http\:\/\/.+?(r57|c99)\?\"\)\;\s+\?>/is,
 qr/<\?php\s+\@include\(\"http\:\/\/.+?bypass\.txt\?\?\"\)\;\s+\?>/is,
 qr/<\?php\s+echo\s+base64\_decode\(\"([A-z0-9]{1,20})\"\)\;\s+\@include\(\"http\:\/\/.+?\"\)\;\s+\?>/is,
 qr/<\?php\s+echo\s+\"MFTeaM\"\;\@include\(\"http\:\/\/.+?\"\)\;\s+\?>/is,
 qr/<\?php.+?preg\_replace\(\"\\x2F.+?\\x3B\"\,\"\\x2E\"\)\;\s+\?>/is,
 qr/<\?php\s+\@ob\_start\(\)\;.+?if\s+\(\!isset\(\$\_COOKIE\[\'key\'\]\)\)\s+\{.+?\$func\=\"cr\"\.\"eat\"\.\"e\_fun\"\.\"cti\"\.\"on\"\;.+?\$remove\_tags\(\$content\)\;.+?return\s+\$content\;\s+\}/is,
+ qr/<\?php\s+eval\s+\(\$\_POST\[\w\]\)\;\s+\?>/is,
 );
diff --git a/malwaresh.pl b/malwaresh.pl
index 9c7978e..d3badb6 100644
--- a/malwaresh.pl
+++ b/malwaresh.pl
@@ -914,13 +914,14 @@ my @regexen = (
 qr/<\?\$sInjectPHP\s+\=\s+\"/is,
 qr/<\/iframe>/is,
 qr/<\?\s+\@include\s+\$\_GET\[\"([A-z0-9]{1,20})\"\]\;\s+\?>/is,
- qr/<\?php\s+\@include\(\"http\:\/\/.+?(r57|c99)\;\"\)\;\s+\?>/is,
+ qr/<\?php\s+\@include\(\"http\:\/\/.+?(r57|c99)\?\"\)\;\s+\?>/is,
 qr/<\?php\s+\@include\(\"http\:\/\/.+?bypass\.txt\?\?\"\)\;\s+\?>/is,
 qr/<\?php\s+echo\s+base64\_decode\(\"([A-z0-9]{1,20})\"\)\;\s+\@include\(\"http\:\/\/.+?\"\)\;\s+\?>/is,
 qr/<\?php\s+echo\s+\"MFTeaM\"\;\@include\(\"http\:\/\/.+?\"\)\;\s+\?>/is,
 qr/<\?php.+?preg\_replace\(\"\\x2F.+?\\x3B\"\,\"\\x2E\"\)\;\s+\?>/is,
 qr/<\?php\s+\@ob\_start\(\)\;.+?if\s+\(\!isset\(\$\_COOKIE\[\'key\'\]\)\)\s+\{.+?\$func\=\"cr\"\.\"eat\"\.\"e\_fun\"\.\"cti\"\.\"on\"\;.+?\$remove\_tags\(\$content\)\;.+?return\s+\$content\;\s+\}/is,
-
+ qr/<\?php\s+eval\s+\(\$\_POST\[\w\]\)\;\s+\?>/is,
+ );
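Review bot: The `eval` signature added at the end of the list in malware5.pl is narrower than it reads: `eval\s+\(` demands whitespace before the parenthesis and `\[\w\]` accepts only a single unquoted character as the key, so common spellings such as `eval($_POST['cmd']);` or `@eval($_POST[x]);` would not be flagged. If the aim is to catch the family rather than one exact sample, consider `qr/<\?php\s+\@?eval\s*\(\s*\$_POST\[\s*['"]?\w+['"]?\s*\]\s*\)\s*;\s*\?>/is,`. The identical line added in the malwaresh.pl hunk has the same limits. How `@regexen` is consumed lies outside both hunks; if matches are stripped from files rather than only reported, run the broader pattern against known-clean samples before shipping it.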