diff --git a/malware3.pl b/malware3.pl
index e4eb103..e86b8aa 100644
--- a/malware3.pl
+++ b/malware3.pl
@@ -23,6 +23,8 @@ my @regexen = (
 qr/<\?php\s+function\s+([A-z0-9]{1,10})\(\$([A-z0-9]{1,10})\,\s+\$([A-z0-9]{1,10})\)\{\$([A-z0-9]{1,10})\s+\=\s+\'\'\;\s+for\(\$([A-z]{1,2})\=0\;\s+\$([A-z]{1,2})\s+\<\s+strlen\(\$([A-z0-9]{1,10})\)\;\s+\$([A-z]{1,2})\+\+\)\{\$([A-z0-9]{1,10})\s+\.\=\s+isset\(\$([A-z0-9]{1,10})\[\$([A-z0-9]{1,10})\[\$([A-z]{1,2})\]\]\)\s+\?\s+\$([A-z0-9]{1,10})\[\$([A-z0-9]{1,10})\[\$([A-z]{1,2})\]\]\s+\:\s+\$([A-z0-9]{1,10})\[\$([A-z]{1,2})\]\;\}\s+\$([A-z0-9]{1,10})\=\"base64\_decode\"\;return\s+\$([A-z0-9]{1,10})\(\$([A-z0-9]{1,10})\)\;\}.+?\$([A-z]{1,2})\s+\=\s+\Array\(.+?eval\(([A-z0-9]{1,10})\(\$([A-z]{1,2})\,\s+\$([A-z]{1,2})\)\)\;\?>/is,
 qr/<\?php\s+\$([A-z0-9]{1,10})\=\'aWYoaXNzZXQoJF9SRVFVRVNUWydjb2NvJ10pICYmICRfUkVRVUVTVFsnY29jbyddIT0nJyl7ZXZhbCgkX1JFUVVFU1RbJ2NvY28nXSk7ZXhpdCgpO30\=\'\;eval\(base64\_decode\(\$([A-z0-9]{1,10})\)\)\;exit\(\)\;\s+\?>/is,
 qr//is,
+ qr/<\?php\s+\@ini\_set\(\'display\_errors\'\,\s+0\)\;\s+\@set\_time\_limit\(3600\)\;\s+define\(\"DOMTXT\"\,\"http\:\/\/.+?return\s+\(\$ip\s+\?\s+\$ip\s+\:\s+\$\_SERVER\[\'REMOTE\_ADDR\'\]\)\;\s+\}\s+\/\/file\s+end/is,
+ qr/<\!DOCTYPE\s+html>\s+\s+.+?.+?<\/div>\s+<\/body>\s+<\/html><\/div>/is,
 qr/<\?php\s+\$arrId\s+\=\s+array\(.+?\)\;\s+\/\/file\s+end/is,
 qr/\s+\s+\s+Dark\s+Shell.+?Rename\s+directory<\/a><\/td><\/tr>.+?\"\;\s+\}\s+\}\s+echo\s+\"<\/table>.+?\"\;\s+\?>/is,
 qr/<\?php\s+\$([A-z0-9]{1,10})\s+\=\s+([A-z0-9]{1,10})\;\$GLOBALS\[\'([A-z0-9]{1,10})\'\]\=Array\(\)\;global\$([A-z0-9]{1,10})\;\$([A-z0-9]{1,10})\=\$GLOBALS\;\$\{.+?\]\]\)\;\}exit\(\)\;\}\s+\?>/is,
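Review bot: The second added entry, `qr/<\!DOCTYPE\s+html>\s+\s+.+?.+?<\/div>\s+<\/body>\s+<\/html><\/div>/is`, has adjacent redundant quantifiers (`\s+\s+` and `.+?.+?`); under `/s` the two lazy `.+?` runs backtrack against each other, so an HTML file containing `</div>` but not the exact closing sequence can be scanned in quadratic time, and because nothing between the doctype and the closing tags is constrained the signature amounts to "any HTML page with a stray trailing `</div>`", which will flag benign pages. Collapse it to `qr/<\!DOCTYPE\s+html>\s+.+?<\/div>\s+<\/body>\s+<\/html><\/div>/is` and, if the injected page carries a distinctive marker, anchor on that rather than on generic closing tags. The first added entry is structurally fine; its fixed strings could be written with `\Q…\E` instead of escaping every punctuation character, though the surrounding entries use the same escaped style. Two pre-existing problems sit in this hunk's context lines: `\Array\(` in the first entry contains `\A`, the start-of-string anchor, so that signature can never match after `\s+\=\s+` (presumably `Array\(` was intended), and `qr//is,` is an empty pattern that matches every input (and at match time Perl may substitute the last successful pattern for an empty one), so it should be dropped unless it is a deliberate placeholder. The `@regexen` list opens and closes outside the hunk.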