Update 'malware3.pl'

malware3.pl

@@ -20,8 +20,6 @@ our $q = CGI->new;
 print "Content-type: text/html\n\n";
 
 my @regexen = (
-    qr/<\?php\s+function\s+([A-z0-9]{1,10})\(\$([A-z0-9]{1,10})\,\s+\$([A-z0-9]{1,10})\)\{\$([A-z0-9]{1,10})\s+\=\s+\'\'\;\s+for\(\$([A-z]{1,2})\=0\;\s+\$([A-z]{1,2})\s+\<\s+strlen\(\$([A-z0-9]{1,10})\)\;\s+\$([A-z]{1,2})\+\+\)\{\$([A-z0-9]{1,10})\s+\.\=\s+isset\(\$([A-z0-9]{1,10})\[\$([A-z0-9]{1,10})\[\$([A-z]{1,2})\]\]\)\s+\?\s+\$([A-z0-9]{1,10})\[\$([A-z0-9]{1,10})\[\$([A-z]{1,2})\]\]\s+\:\s+\$([A-z0-9]{1,10})\[\$([A-z]{1,2})\]\;\}\s+\$([A-z0-9]{1,10})\=\"base64\_decode\"\;return\s+\$([A-z0-9]{1,10})\(\$([A-z0-9]{1,10})\)\;\}.+?\$([A-z]{1,2})\s+\=\s+\Array\(.+?eval\(([A-z0-9]{1,10})\(\$([A-z]{1,2})\,\s+\$([A-z]{1,2})\)\)\;\?>/is,
-    qr/<\?php\s+\$([A-z0-9]{1,10})\=\'aWYoaXNzZXQoJF9SRVFVRVNUWydjb2NvJ10pICYmICRfUkVRVUVTVFsnY29jbyddIT0nJyl7ZXZhbCgkX1JFUVVFU1RbJ2NvY28nXSk7ZXhpdCgpO30\=\'\;eval\(base64\_decode\(\$([A-z0-9]{1,10})\)\)\;exit\(\)\;\s+\?>/is,
     qr/<script.+?G91825.+?<\/script>/is,
     qr/<\?php\s+if\(isset\(\$\_GET\[\'test\'\]\)\)\{echo\s+\'success\'\;\}else\{isset\(\$\_POST\[\'([A-z0-9]{1,10})\'\]\)\s+\&\&\s+\(\$www\=\s+\$\_POST\[\'([A-z0-9]{1,10})\'\]\)\s+\&\&\s+\@preg\_replace\(\'\/ad\/e\'\,\'\@\'\.str\_rot13\(\'riny\'\)\.\'\(\$www\)\'\,\s+\'add\'\)\;\}\?>/is,
     qr/<\?php\s+\$([A-z0-9]{1,20}).+?\$([A-z0-9]{1,20})\s+\=\s+implode\(array\_map\(.+?\$([A-z0-9]{1,20})\=strtolower\(\$\_SERVER\[.+?\$([A-z0-9]{1,20})\-1\;\s+\?>/is,