diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..4eed44c
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,9 @@
+TARGET = md5
+
+all: $(TARGET)
+
+md5:
+ md5sum evomalware.filenames > evomalware.filenames.md5
+ md5sum evomalware.patterns > evomalware.patterns.md5
+clean:
+ rm *.md5 || exit 0
diff --git a/evomalware.patterns b/evomalware.patterns
index 7246867..4a74a27 100644
--- a/evomalware.patterns
+++ b/evomalware.patterns
@@ -43,7 +43,6 @@ Miyachung|
 ccteam|
 Adminer|
 OOO000000|
-\$GLOBALS|
 findsysfolder|
 makeret\.ru|
 c999*sh_surl|
diff --git a/evomalware.patterns.md5 b/evomalware.patterns.md5
index 4d93f52..eb3083b 100644
--- a/evomalware.patterns.md5
+++ b/evomalware.patterns.md5
@@ -1 +1 @@
-2c3d6b95cad8b3a9f0c432dfcd504760 evomalware.patterns
+0ed10460b6e8178f244063877aeb030d evomalware.patterns
diff --git a/evomalware.sh b/evomalware.sh
index f58b6a5..f229d66 100644
--- a/evomalware.sh
+++ b/evomalware.sh
@@ -4,10 +4,10 @@
 # You can set aggressive to true to search for suspicions scripts.
 aggressive=false
 # Path to search for.
-wwwpath=/home
+wwwpath=/localhome/bserie/CVS/scripts/scripts
 # URL to download patterns and filenames.
 databaseURL="http://antispam00.evolix.org/evomalware"
-databasePATH=/var/lib/evomalware
+databasePATH=/tmp/lib/evomalware
 # Tools.
 find="ionice -c3 find"
 grep="nice -n 19 grep"
@@ -17,7 +17,7 @@ wget="wget -q -t 3"
 fileslist=$(mktemp)
 tmpPATH=/tmp/evomalware.tmp
-trap "rm -f $fileslist" EXIT
+trap "rm -rf $fileslist $tmpPATH" EXIT
 usage() {
 cat< $fileslist 2>/dev/null
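Review bot: In the `clean` recipe, `rm *.md5 || exit 0` turns every rm failure (permission denied, read-only tree) into a success exit, not just the missing-file case it is presumably meant to tolerate; `rm -f *.md5` is silent on a missing file and still reports a real error. The recipe lines of both targets appear here with a single leading space, and make requires a tab at the start of a recipe line, so confirm the committed file uses tabs (this may be an artifact of how the diff was rendered). A brief comment above `md5:` saying the two checksum files are what `evomalware.sh` verifies after download would help a reader who only sees this file, if that is indeed their purpose.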
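Review bot: `wwwpath=/localhome/bserie/CVS/scripts/scripts` and `databasePATH=/tmp/lib/evomalware` look like a developer's local test settings committed in place of the defaults `/home` and `/var/lib/evomalware`; as shipped, the script would scan the wrong tree and keep its downloaded pattern database under /tmp. A fixed directory under /tmp is writable by every local user, so whatever later reads or rewrites files under `$databasePATH` (presumably the wget of the patterns and filename lists), like the `rm -rf $tmpPATH` added to the trap in the following hunk with `tmpPATH=/tmp/evomalware.tmp` fixed, can be redirected by a path or symlink another user created first. Restore the original values, or make them overridable without editing the script, e.g. `wwwpath=${WWWPATH:-/home}` and `databasePATH=${DATABASE_PATH:-/var/lib/evomalware}`, and derive the scratch directory from `mktemp -d` rather than a constant name.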
@@ -58,10 +67,10 @@ while read file; do
 elif [[ "$file" =~ "wp-content/uploads/" ]]; then
 echo "PHP file in a non-PHP folder detected: $file"
 # Count the length of the longest line and search if suspect php functions are used.
-elif [[ $($wc -L "$file" | cut -d' ' -f1) -gt 10000 ]]; then
-grep -q -E -e base64 -e gzinflate -e eval -e '\\x..\\x..' -e 'chr(rand(' $file
+elif [[ $($wc -L "$file" | cut -d' ' -f1) -gt 1000 ]]; then
+grep -q -E -e base64 -e gzinflate -e eval -e '\\x..\\x..' -e 'chr\(rand\(' $file
 if [[ $? -eq 0 ]]; then
-echo "Suspect file! More than 10000 characters in one line (and suspect PHP functions): $file."
+echo "Suspect file! More than 1000 characters in one line (and suspect PHP functions): $file."
 fi
 else
 # Search for patterns.
@@ -74,6 +83,7 @@ done < $fileslist
 # Search for suspicious scripts... Only when in aggressive mode.
 if ( $aggressive ); then
+cd $wwwpath
 $find . -name javascript.php
 $find . -name bp.pl
 $find . -name tn.php
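Review bot: The rewritten `grep -q -E ... $file` line still passes `$file` unquoted, while the `$wc -L "$file"` call two lines earlier quotes it; a path under `$wwwpath` containing whitespace or glob characters is split or expanded before grep sees it, so the file is silently not examined. Quote it, protect against odd names with `--`, and make the command the condition instead of testing `$?` on the next line: `if grep -q -E -e base64 -e gzinflate -e eval -e '\\x..\\x..' -e 'chr\(rand\(' -- "$file"; then`. Lowering the threshold from 10000 to 1000 characters means far more files reach this grep (minified JS/CSS and many templates have lines that long), so the `eval`/`base64` patterns become the real filter; the comment above the `elif` should say that the length check is only a pre-filter and why 1000 was chosen. The enclosing `while read file; do` loop begins outside the hunk.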