diff --git a/detection/evasion/unexpected-library-entries-macos.sql b/detection/evasion/unexpected-library-entries-macos.sql
index 8d97ac5..8050668 100644
--- a/detection/evasion/unexpected-library-entries-macos.sql
+++ b/detection/evasion/unexpected-library-entries-macos.sql
@@ -39,6 +39,7 @@ WHERE
 '/Library/Application Support/',
 '/Library/Audio/',
 '/Library/AutoBugCapture/',
+ '/Library/Automator/',
 '/Library/Bluetooth/',
 '/Library/Caches/',
 '/Library/Catacomb/',
@@ -58,6 +59,7 @@ WHERE
 '/Library/DirectoryServices/',
 '/Library/Documentation/',
 '/Library/DriverExtensions/',
+ '/Library/DropboxHelperTools/',
 '/Library/Extensions/',
 '/Library/Filesystems/',
 '/Library/Fonts/',
@@ -88,7 +90,10 @@ WHERE
 '/Library/Objective-See/',
 '/Library/OpenDirectory/',
 '/Library/OSAnalytics/',
+ '/Library/OSAnalytics/.DS_Store',
+ '/Library/PDF Services/',
 '/Library/Perl/',
+ '/Library/Plug-Ins/',
 '/Library/PreferencePanes/',
 '/Library/Preferences/',
 '/Library/Preferences/.GlobalPreferences.plist',
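Review bot: `'/Library/DropboxHelperTools/'` in the second hunk is a third-party vendor directory, and the exception matches on path alone, so the query stays silent about that name on every host, including ones where the product was never installed. Add a comment naming the source, for example `-- third-party: Dropbox helper tools (presumably created by the Dropbox installer)`, so the exception can be re-checked later. The WHERE clause starts outside the hunk; if it does not already restrict owner or file type for listed paths, the contents of this directory should be covered by a separate query rather than by this list.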
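Review bot: `'/Library/OSAnalytics/.DS_Store'` in the third hunk is the only added entry that excepts a file rather than a directory, and the list gives no reason for it. Add a comment such as `-- Finder metadata file; exact path on purpose` so a later edit does not generalise it into a wildcard on `.DS_Store`, which would stop the query reporting any file of that name under /Library. The exception is by name only and says nothing about the file's content or owner. The WHERE clause begins outside the hunk, so whether other conditions still apply to this path cannot be seen here.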