opragel/adwaremedic-signatures-modified.xml

## adwaremedic-signatures-modified.xml
<AdwareDefinition>
	<Version>90</Version>
	<DefinitionAuthor>Owen Pragel</DefinitionAuthor>
	<DefinitionSource>http://www.adwaremedic.com/signatures.xml</DefinitionSource>
	<Adware>
		<AdwareName>FkCodec</AdwareName>
		<File>/Users/*/Library/Application Support/Codec-M</File>
		<File>/Users/*/Library/LaunchAgents/com.codecm.uploader.plist</File>
		<File>/Applications/Codec-M.app</File>
	</Adware>
	<Adware>
		<AdwareName>Yontoo</AdwareName>
		<File>/Users/*/Library/Application Support/Google/Chrome/YontooLayers.crx</File>
		<File>/Users/*/Library/Application Support/Firefox/Profiles/*/user.js</File>
	</Adware>
	<Adware>
		<AdwareName>ClickAgent</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>ChatZum</AdwareName>
		<File>/Applications/ChatZumUninstaller.pkg</File>
		<File>/Library/Application Support/SIMBL/Plugins/SafariOmnibar.bundle</File>
		<File>/Library/Internet Plug-Ins/uid.plist</File>
		<File>/Library/Internet Plug-Ins/zako.plugin</File>
	</Adware>
	<Adware>
		<AdwareName>Spigot</AdwareName>
		<File>/Users/*/Library/LaunchAgents/com.spigot.SearchProtection.plist</File>
		<File>/Users/*/Library/LaunchAgents/com.spigot.ApplicationManager.plist</File>
		<File>/Users/*/Library/Application Support/Spigot/</File>
	</Adware>
	<Adware>
		<AdwareName>InstallCore</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>SaveKeep</AdwareName>
		<File>/Applications/Savekeep.app</File>
	</Adware>
	<Adware>
		<AdwareName>Jollywallet</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>Conduit" compromise="http://www.adwaremedic.com/kb/firefox-mod.php</AdwareName>
		<File>/Users/*/Library/Application Support/Google/Chrome/Default/Extensions/cbmjmfcldbpelhknnfjbkobmabafpoed</File>
		<File>/Library/InputManagers/CTLoader/</File>
		<File>/Library/LaunchAgents/com.conduit.loader.agent.plist</File>
		<File>/Library/LaunchDaemons/com.perion.searchprotectd.plist</File>
		<File>/Library/Application Support/SIMBL/Plugins/CT2285220.bundle</File>
		<File>/Library/Application Support/Conduit/</File>
		<File>/Applications/SearchProtect.app</File>
		<File>/Applications/SearchProtect/</File>
		<File>/Users/*/Conduit</File>
		<File>/Users/*/Trovi</File>
		<File>/Users/*/Library/Application Support/Conduit</File>
		<File>/Users/*/Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin</File>
		<File>/Users/*/Library/Internet Plug-Ins/TroviNPAPIPlugin.plugin</File>
		<File>/Users/*/Library/Application Support/Firefox/Profiles/*/searchplugins/conduit.xml</File>
		<File>/Users/*/Library/Application Support/Firefox/Profiles/*/searchplugins/MyBrand.xml</File>
		<File>/Users/*/Library/Application Support/Firefox/Profiles/*/searchplugins/'Conduit Customized Web Search'.xml</File>
		<File>/Users/*/Library/Application Support/Firefox/Profiles/*/takeOverNewTab.txt</File>
		<File>/Users/*/Library/Application Support/Firefox/Profiles/*/abstraction.js</File>
	</Adware>
	<Adware>
		<AdwareName>VSearch</AdwareName>
		<File>/Library/Application Support/VSearch</File>
		<File>/Library/LaunchAgents/com.vsearch.agent.plist</File>
		<File>/Library/LaunchDaemons/com.vsearch.daemon.plist</File>
		<File>/Library/LaunchDaemons/com.vsearch.helper.plist</File>
		<File>/Library/LaunchDaemons/Jack.plist</File>
		<File>/Library/PrivilegedHelperTools/Jack</File>
		<File>/System/Library/Frameworks/VSearch.framework</File>
		<!-- <item type="contentAtPath" filename="" havingContent="Frameworks/v\.framework" subfile="Version.plist">/Library/Application Support/</item> -->
		<!-- <item type="contentAtPath" filename="" havingContent="&lt;string&gt;[0-9a-f]+\.com&lt;/string&gt;" subfile="f">/Library/Application Support/</item> -->
		<!-- <item type="contentAtPath" filename="^[0-9a-f]{16}$">/Library/Application Support/</item> -->
		<!-- <item type="contentAtPath" unload="true" restart="true" filename="com\.[^\.]+\.agent\.plist" havingContent="(com\.v\.agent)|(/Application Support/[0-9a-f]+/Agent/[^\.]+\.app)">/Library/LaunchAgents/</item> -->
		<!-- <item type="contentAtPath" unload="true" restart="true" filename="com\.[^\.]+\.(daemon|helper)\.plist" havingContent="(com\.v\.(daemon|helper))|(/Application Support/[0-9a-f]+/Agent/[^\.]+\.app)">/Library/LaunchDaemons/</item> -->
		<!-- <item type="contentAtPath" unload="true" restart="true" filename="com\.[^\.]+\.agent\.plist" havingContent="/Agent/agent\.app/Contents/MacOS/agent">/Library/LaunchAgents/</item> -->
		<!-- <item type="contentAtPath" unload="true" restart="true" filename="com\.[^\.]+\.(daemon|helper)\.plist" havingContent="/Agent/agent\.app/Contents/MacOS/agent">/Library/LaunchDaemons/</item> -->
		<File>/System/Library/Frameworks/v.framework</File>
	</Adware>
	<Adware>
		<AdwareName>GoPhoto</AdwareName>
		<File>/Users/*/Library/Application Support/Google/Chrome/External Extensions/ccfjbdjailljfihgkoccfbiljjapiijb.json</File>
		<File>/Users/*/Library/Application Support/Firefox/Profiles/*/user.js</File>
		<File>/Users/*/Library/Application Support/Firefox/Profiles/*/prefs.js</File>
	</Adware>
	<Adware>
		<AdwareName>Genieo</AdwareName>
		<!-- <item type="login">Genieo</item> -->
		<!-- <item type="login">InKeepr</item> -->
		<File>/Users/*/Library/LaunchAgents/com.genieo.completer.download.plist</File>
		<File>/Users/*/Library/LaunchAgents/com.genieo.completer.update.plist</File>
		<File>/Users/*/Library/LaunchAgents/com.genieo.completer.ltvbit.plist</File>
		<File>/Users/*/Library/LaunchAgents/com.installer.completer.download.plist</File>
		<File>/Users/*/Library/LaunchAgents/com.installer.completer.update.plist</File>
		<File>/Users/*/Library/LaunchAgents/com.installer.completer.ltvbit.plist</File>
		<!-- <item type="contentAtPath" relativeTo="home" unload="true" restart="true" filename="\.((download)|(update)|(ltvbit))\.plist" havingContent="\-firstAppId">Library/LaunchAgents/</item> -->
		<File>/Users/*/Library/LaunchAgents/texiday.download.plist</File>
		<File>/Users/*/Library/LaunchAgents/texiday.update.plist</File>
		<File>/Users/*/Library/LaunchAgents/texiday.ltvbit.plist</File>
		<File>/Library/LaunchAgents/com.genieoinnovation.macextension.plist</File>
		<File>/Library/LaunchAgents/com.genieoinnovation.macextension.client.plist</File>
		<File>/Library/LaunchAgents/com.genieo.engine.plist</File>
		<File>/Library/LaunchAgents/com.genieo.completer.update.plist</File>
		<File>/Library/LaunchDaemons/com.genieoinnovation.macextension.client.plist</File>
		<File>/Applications/Genieo.app</File>
		<File>/Applications/InKeepr.app</File>
		<File>/Applications/InstallGenieo.app</File>
		<File>/Applications/Reset Search.app</File>
		<File>/Applications/Uninstall Genieo.app</File>
		<File>/Applications/Uninstall IM Completer.app</File>
		<File>/Applications/InstallMac</File>
		<File>/Applications/InstallGenieo</File>
		<File>/Applications/Texiday</File>
		<File>/Applications/Listchack</File>
		<File>/Applications/InKeepr</File>
		<File>/Applications/Celipsow</File>
		<File>/Applications/Nariabox</File>
		<File>/Applications/Oliverto</File>
		<File>/Applications/Epolife</File>
		<File>/Applications/Leperdvil</File>
		<File>/Users/*/Library/Application Support/com.genieoinnovation.Installer</File>
		<File>/Users/*/Library/Application Support/Genieo</File>
		<File>/Users/*/Library/Application Support/IM.Installer</File>
		<File>/Users/*/Library/Application Support/Listchack</File>
		<File>/Users/*/Library/Application Support/InKeepr</File>
		<File>/Users/*/Library/Application Support/Asistents</File>
		<File>/Users/*/Library/Application Support/Celipsow</File>
		<File>/Users/*/Library/Application Support/Nariabox</File>
		<File>/Users/*/Library/Application Support/Oliverto</File>
		<File>/Users/*/Library/Application Support/Epolife</File>
		<File>/Users/*/Library/Application Support/Leperdvil</File>
		<File>/Library/PrivilegedHelperTools/com.genieoinnovation.macextension.client</File>
		<File>/Library/Frameworks/GenieoExtra.framework</File>
		<File>/Users/*/Library/Application Support/Firefox/Profiles/*/searchplugins/my-homepage.xml</File>
		<File>/private/etc/launchd.conf</File>
		<File>/usr/lib/libgenkit.dylib</File>
		<File>/usr/lib/libgenkitsa.dylib</File>
		<File>/usr/lib/libimckit.dylib</File>
		<File>/usr/lib/libimckitsa.dylib</File>
	</Adware>
	<Adware>
		<AdwareName>Vidx/MacVX</AdwareName>
		<File>/Applications/Vidx.app</File>
		<File>/Applications/MacMin.app</File>
		<File>/Users/*/Applications/Vidx.app</File>
		<File>/Users/*/Applications/MacMin.app</File>
		<File>/Users/*/Library/Safari/Extensions/extension.safariextz</File>
		<File>/Users/*/Library/Application Support/Google/Chrome/Default/Preferences</File>
		<File>/Library/Application Support/VidToMP3/</File>
		<!-- <item type="contentAtPath" havingContent="/Library/Application Support/VidToMP3/">/Library/LaunchDaemons/</item> -->
		<File>/Library/Application Support/fa4e8.94b.550d413f/</File>
		<File>/Users/*/Library/Application Support/osxDownloader/</File>
	</Adware>
	<Adware>
		<AdwareName>Awesome Screenshot</AdwareName>
		<File>/Users/*/Library/Application Support/Google/Chrome/Default/Preferences</File>
	</Adware>
	<Adware>
		<AdwareName>MacShop</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>MacSmart</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>News Ticker Remover</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>PhotoZoom</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>Shopper Helper Pro</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>Best YouTube Downloader</AdwareName>
		<File>/Users/*/Library/LaunchAgents/com.moeppfdpoohhdcaefbfpmabjipnohiif.updater.plist</File>
	</Adware>
	<Adware>
		<AdwareName>ArcadeYum</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>Bundlore</AdwareName>
		<File>/Users/*/Library/Application Support/Google/Chrome/External Extensions/phpdijfdkggndfmgcfdhcimlflflnega.json</File>
		<File>/Users/*/Library/LaunchAgents/Safari Security</File>
		<!-- <item type="contentAtPath" filename="(cinema(s?)[- \+]*(plus|\+)?[- \+]*(pro|hd)?)|(cinema(s?) ?pl[aeiou]+s)" havingContent="com\.(cinema(s?)[- \+]*(plus|\+)?[- \+]*(pro|hd)?)|(cinema(s?) ?pl[aeiou]+s)\.Service">/Library/</item> -->
		<!-- <item type="contentAtPath" relativeTo="home" restart="true" filename="flashmall" havingContent="">/Library/LaunchAgents/</item> -->
		<!-- <item type="contentAtPath" relativeTo="home" restart="true" filename="shopp?y.?mate" havingContent="">/Library/LaunchAgents/</item> -->
		<!-- <item type="contentAtPath" relativeTo="home" restart="true" filename="palmall" havingContent="">/Library/LaunchAgents/</item> -->
		<!-- <item type="contentAtPath" relativeTo="home" restart="true" filename="(cinema(s?)[- \+]*(plus|\+)?[- \+]*(pro|hd)?)|(cinema(s?) ?pl[aeiou]+s)" havingContent="">/Library/LaunchAgents/</item> -->
		<!-- <item type="contentAtPath" restart="true" filename="(cinema(s?)[- \+]*(plus|\+)?[- \+]*(pro|hd)?)|(cinema(s?) ?pl[aeiou]+s)" havingContent="">/Library/LaunchAgents/</item> -->
		<!-- <item type="contentAtPath" restart="true" filename="(cinema(s?)[- \+]*(plus|\+)?[- \+]*(pro|hd)?)|(cinema(s?) ?pl[aeiou]+s)" havingContent="">/Library/LaunchDaemons/</item> -->
		<!-- <item type="contentAtPath" filename="com\.crossrider\.wss\d+\.agent\.plist" relativeTo="home" unload="true" restart="true">Library/LaunchAgents/</item> -->
		<File>/Users/*/Library/LaunchAgents/WebSocketServerApp</File>
		<File>/Users/*/Library/LaunchAgents/com.webhelper.plist</File>
		<File>/Users/*/Library/LaunchAgents/com.webtools.update.agent.plist</File>
		<File>/Users/*/Library/LaunchAgents/com.webtools.uninstaller.plist</File>
		<!-- <item type="contentAtPath" filename="com\.webhelper\..*\.plist" havingContent="/Library/Application Support/webhelper">/Library/LaunchAgents</item> -->
		<!-- <item type="contentAtPath" relativeTo="home" filename="com\.webtools\..*\.plist" havingContent="Library/Application Support/WebTools">Library/LaunchAgents</item> -->
		<File>/Users/*/Library/Application Support/webHelperApp/</File>
		<File>/Users/*/Library/Application Support/webhelper/</File>
		<File>/Users/*/Library/Application Support/WebTools/</File>
		<File>/Users/*/Library/WebTools/</File>
		<File>/Users/*/Library/flashmall/</File>
		<File>/Applications/WebTools.app</File>
		<File>/Users/*/Applications/flashmall.app</File>
		<!-- <item type="contentAtPath" filename="cinema(s?)[- \+]*((plus)|(pro))[- \+0123456789]*">/Applications</item> -->
		<!-- <item type="contentAtPath" relativeTo="home" filename="cinema(s?)[- \+]*((plus)|(pro))[- \+0123456789]*">Applications</item> -->
		<File>/Users/*/Library/Application Support/Firefox/Profiles/*/user.js</File>
		<File>/Users/*/Library/cinemapro1-2</File>
		<File>/Users/*/Library/LaunchAgents/UpdateDownloader</File>
		<!-- <item type="contentAtPath" relativeTo="home" restart="true" filename="\.agent\.plist" havingContent="UpdateDownloader">Library/LaunchAgents/</item> -->
		<!-- <item type="contentAtPath" relativeTo="home" filename="com\.extensions\.updater[0123456789]*\.ver">Library/LaunchAgents/</item> -->
		<File>/Users/*/Library/ScriptingAdditions/BrowserHelper.osax</File>
	</Adware>
	<Adware>
		<AdwareName>DreamsAdNetwork</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>FlashFree</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>PremierOpinion" compromise="http://www.adwaremedic.com/kb/premieropinion.php</AdwareName>
		<File>/Applications/PremierOpinion</File>
		<File>/Library/LaunchDaemons/PremierOpinion.plist</File>
		<File>/i</File>
	</Adware>
	<Adware>
		<AdwareName>Ask Toolbar</AdwareName>
		<File>/Users/*/Library/Application Support/Sponsors.framework</File>
	</Adware>
	<Adware>
		<AdwareName>Recipe Hub</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>iLivid</AdwareName>
	</Adware>
	<Adware>
		<AdwareName>CustomSearch</AdwareName>
		<File>/Users/*/Applications/SilentInstaller.app</File>
	</Adware>
	<Adware>
		<AdwareName>OperatorMac</AdwareName>
		<!-- <item type="path" havingContent="Opti[ -]?Page" relativeTo="ffprofile">searchplugins/mySearchPlug.xml</item> -->
		<!-- <item type="contentAtPath" relativeTo="home" havingContent="var\s*userid_uuid=[^;]*;\s*var\s*[^=]*=.http://www\.hmining\.mobi" subfile="main.js">Library/Application Support/Google/Chrome/Default/</item> -->
		<File>/Users/*/Library/Application Support/Google/Chrome/Default/Preferences</File>
	</Adware>
	<Adware>
		<AdwareName>ListenToYouTube</AdwareName>
		<!-- <item type="contentAtPath" unload="true" restart="true" havingContent="&lt;string&gt;/Library/Application Support/ListenToYoutube/[^/]*/ListenToYoutube&lt;/string&gt;">/Library/LaunchDaemons/</item> -->
		<File>/Library/Application Support/ListenToYoutube</File>
	</Adware>
</AdwareDefinition>w
	<AdwareDefinition>
	<Version>90</Version>
	<DefinitionAuthor>Owen Pragel</DefinitionAuthor>
	<DefinitionSource>http://www.adwaremedic.com/signatures.xml</DefinitionSource>
	<Adware>
	<AdwareName>FkCodec</AdwareName>
	<File>/Users/*/Library/Application Support/Codec-M</File>
	<File>/Users/*/Library/LaunchAgents/com.codecm.uploader.plist</File>
	<File>/Applications/Codec-M.app</File>
	</Adware>
	<Adware>
	<AdwareName>Yontoo</AdwareName>
	<File>/Users/*/Library/Application Support/Google/Chrome/YontooLayers.crx</File>
	<File>/Users//Library/Application Support/Firefox/Profiles//user.js</File>
	</Adware>
	<Adware>
	<AdwareName>ClickAgent</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>ChatZum</AdwareName>
	<File>/Applications/ChatZumUninstaller.pkg</File>
	<File>/Library/Application Support/SIMBL/Plugins/SafariOmnibar.bundle</File>
	<File>/Library/Internet Plug-Ins/uid.plist</File>
	<File>/Library/Internet Plug-Ins/zako.plugin</File>
	</Adware>
	<Adware>
	<AdwareName>Spigot</AdwareName>
	<File>/Users/*/Library/LaunchAgents/com.spigot.SearchProtection.plist</File>
	<File>/Users/*/Library/LaunchAgents/com.spigot.ApplicationManager.plist</File>
	<File>/Users/*/Library/Application Support/Spigot/</File>
	</Adware>
	<Adware>
	<AdwareName>InstallCore</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>SaveKeep</AdwareName>
	<File>/Applications/Savekeep.app</File>
	</Adware>
	<Adware>
	<AdwareName>Jollywallet</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>Conduit" compromise="http://www.adwaremedic.com/kb/firefox-mod.php</AdwareName>
	<File>/Users/*/Library/Application Support/Google/Chrome/Default/Extensions/cbmjmfcldbpelhknnfjbkobmabafpoed</File>
	<File>/Library/InputManagers/CTLoader/</File>
	<File>/Library/LaunchAgents/com.conduit.loader.agent.plist</File>
	<File>/Library/LaunchDaemons/com.perion.searchprotectd.plist</File>
	<File>/Library/Application Support/SIMBL/Plugins/CT2285220.bundle</File>
	<File>/Library/Application Support/Conduit/</File>
	<File>/Applications/SearchProtect.app</File>
	<File>/Applications/SearchProtect/</File>
	<File>/Users/*/Conduit</File>
	<File>/Users/*/Trovi</File>
	<File>/Users/*/Library/Application Support/Conduit</File>
	<File>/Users/*/Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin</File>
	<File>/Users/*/Library/Internet Plug-Ins/TroviNPAPIPlugin.plugin</File>
	<File>/Users//Library/Application Support/Firefox/Profiles//searchplugins/conduit.xml</File>
	<File>/Users//Library/Application Support/Firefox/Profiles//searchplugins/MyBrand.xml</File>
	<File>/Users//Library/Application Support/Firefox/Profiles//searchplugins/'Conduit Customized Web Search'.xml</File>
	<File>/Users//Library/Application Support/Firefox/Profiles//takeOverNewTab.txt</File>
	<File>/Users//Library/Application Support/Firefox/Profiles//abstraction.js</File>
	</Adware>
	<Adware>
	<AdwareName>VSearch</AdwareName>
	<File>/Library/Application Support/VSearch</File>
	<File>/Library/LaunchAgents/com.vsearch.agent.plist</File>
	<File>/Library/LaunchDaemons/com.vsearch.daemon.plist</File>
	<File>/Library/LaunchDaemons/com.vsearch.helper.plist</File>
	<File>/Library/LaunchDaemons/Jack.plist</File>
	<File>/Library/PrivilegedHelperTools/Jack</File>
	<File>/System/Library/Frameworks/VSearch.framework</File>
	<!-- <item type="contentAtPath" filename="" havingContent="Frameworks/v\.framework" subfile="Version.plist">/Library/Application Support/</item> -->
	<!-- <item type="contentAtPath" filename="" havingContent="<string>[0-9a-f]+\.com</string>" subfile="f">/Library/Application Support/</item> -->
	<!-- <item type="contentAtPath" filename="^[0-9a-f]{16}$">/Library/Application Support/</item> -->
	<!-- <item type="contentAtPath" unload="true" restart="true" filename="com\.[^\.]+\.agent\.plist" havingContent="(com\.v\.agent)\|(/Application Support/[0-9a-f]+/Agent/[^\.]+\.app)">/Library/LaunchAgents/</item> -->
	<!-- <item type="contentAtPath" unload="true" restart="true" filename="com\.[^\.]+\.(daemon\|helper)\.plist" havingContent="(com\.v\.(daemon\|helper))\|(/Application Support/[0-9a-f]+/Agent/[^\.]+\.app)">/Library/LaunchDaemons/</item> -->
	<!-- <item type="contentAtPath" unload="true" restart="true" filename="com\.[^\.]+\.agent\.plist" havingContent="/Agent/agent\.app/Contents/MacOS/agent">/Library/LaunchAgents/</item> -->
	<!-- <item type="contentAtPath" unload="true" restart="true" filename="com\.[^\.]+\.(daemon\|helper)\.plist" havingContent="/Agent/agent\.app/Contents/MacOS/agent">/Library/LaunchDaemons/</item> -->
	<File>/System/Library/Frameworks/v.framework</File>
	</Adware>
	<Adware>
	<AdwareName>GoPhoto</AdwareName>
	<File>/Users/*/Library/Application Support/Google/Chrome/External Extensions/ccfjbdjailljfihgkoccfbiljjapiijb.json</File>
	<File>/Users//Library/Application Support/Firefox/Profiles//user.js</File>
	<File>/Users//Library/Application Support/Firefox/Profiles//prefs.js</File>
	</Adware>
	<Adware>
	<AdwareName>Genieo</AdwareName>
	<!-- <item type="login">Genieo</item> -->
	<!-- <item type="login">InKeepr</item> -->
	<File>/Users/*/Library/LaunchAgents/com.genieo.completer.download.plist</File>
	<File>/Users/*/Library/LaunchAgents/com.genieo.completer.update.plist</File>
	<File>/Users/*/Library/LaunchAgents/com.genieo.completer.ltvbit.plist</File>
	<File>/Users/*/Library/LaunchAgents/com.installer.completer.download.plist</File>
	<File>/Users/*/Library/LaunchAgents/com.installer.completer.update.plist</File>
	<File>/Users/*/Library/LaunchAgents/com.installer.completer.ltvbit.plist</File>
	<!-- <item type="contentAtPath" relativeTo="home" unload="true" restart="true" filename="\.((download)\|(update)\|(ltvbit))\.plist" havingContent="\-firstAppId">Library/LaunchAgents/</item> -->
	<File>/Users/*/Library/LaunchAgents/texiday.download.plist</File>
	<File>/Users/*/Library/LaunchAgents/texiday.update.plist</File>
	<File>/Users/*/Library/LaunchAgents/texiday.ltvbit.plist</File>
	<File>/Library/LaunchAgents/com.genieoinnovation.macextension.plist</File>
	<File>/Library/LaunchAgents/com.genieoinnovation.macextension.client.plist</File>
	<File>/Library/LaunchAgents/com.genieo.engine.plist</File>
	<File>/Library/LaunchAgents/com.genieo.completer.update.plist</File>
	<File>/Library/LaunchDaemons/com.genieoinnovation.macextension.client.plist</File>
	<File>/Applications/Genieo.app</File>
	<File>/Applications/InKeepr.app</File>
	<File>/Applications/InstallGenieo.app</File>
	<File>/Applications/Reset Search.app</File>
	<File>/Applications/Uninstall Genieo.app</File>
	<File>/Applications/Uninstall IM Completer.app</File>
	<File>/Applications/InstallMac</File>
	<File>/Applications/InstallGenieo</File>
	<File>/Applications/Texiday</File>
	<File>/Applications/Listchack</File>
	<File>/Applications/InKeepr</File>
	<File>/Applications/Celipsow</File>
	<File>/Applications/Nariabox</File>
	<File>/Applications/Oliverto</File>
	<File>/Applications/Epolife</File>
	<File>/Applications/Leperdvil</File>
	<File>/Users/*/Library/Application Support/com.genieoinnovation.Installer</File>
	<File>/Users/*/Library/Application Support/Genieo</File>
	<File>/Users/*/Library/Application Support/IM.Installer</File>
	<File>/Users/*/Library/Application Support/Listchack</File>
	<File>/Users/*/Library/Application Support/InKeepr</File>
	<File>/Users/*/Library/Application Support/Asistents</File>
	<File>/Users/*/Library/Application Support/Celipsow</File>
	<File>/Users/*/Library/Application Support/Nariabox</File>
	<File>/Users/*/Library/Application Support/Oliverto</File>
	<File>/Users/*/Library/Application Support/Epolife</File>
	<File>/Users/*/Library/Application Support/Leperdvil</File>
	<File>/Library/PrivilegedHelperTools/com.genieoinnovation.macextension.client</File>
	<File>/Library/Frameworks/GenieoExtra.framework</File>
	<File>/Users//Library/Application Support/Firefox/Profiles//searchplugins/my-homepage.xml</File>
	<File>/private/etc/launchd.conf</File>
	<File>/usr/lib/libgenkit.dylib</File>
	<File>/usr/lib/libgenkitsa.dylib</File>
	<File>/usr/lib/libimckit.dylib</File>
	<File>/usr/lib/libimckitsa.dylib</File>
	</Adware>
	<Adware>
	<AdwareName>Vidx/MacVX</AdwareName>
	<File>/Applications/Vidx.app</File>
	<File>/Applications/MacMin.app</File>
	<File>/Users/*/Applications/Vidx.app</File>
	<File>/Users/*/Applications/MacMin.app</File>
	<File>/Users/*/Library/Safari/Extensions/extension.safariextz</File>
	<File>/Users/*/Library/Application Support/Google/Chrome/Default/Preferences</File>
	<File>/Library/Application Support/VidToMP3/</File>
	<!-- <item type="contentAtPath" havingContent="/Library/Application Support/VidToMP3/">/Library/LaunchDaemons/</item> -->
	<File>/Library/Application Support/fa4e8.94b.550d413f/</File>
	<File>/Users/*/Library/Application Support/osxDownloader/</File>
	</Adware>
	<Adware>
	<AdwareName>Awesome Screenshot</AdwareName>
	<File>/Users/*/Library/Application Support/Google/Chrome/Default/Preferences</File>
	</Adware>
	<Adware>
	<AdwareName>MacShop</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>MacSmart</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>News Ticker Remover</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>PhotoZoom</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>Shopper Helper Pro</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>Best YouTube Downloader</AdwareName>
	<File>/Users/*/Library/LaunchAgents/com.moeppfdpoohhdcaefbfpmabjipnohiif.updater.plist</File>
	</Adware>
	<Adware>
	<AdwareName>ArcadeYum</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>Bundlore</AdwareName>
	<File>/Users/*/Library/Application Support/Google/Chrome/External Extensions/phpdijfdkggndfmgcfdhcimlflflnega.json</File>
	<File>/Users/*/Library/LaunchAgents/Safari Security</File>
	<!-- <item type="contentAtPath" filename="(cinema(s?)[- \+](plus\|\+)?[- \+](pro\|hd)?)\|(cinema(s?) ?pl[aeiou]+s)" havingContent="com\.(cinema(s?)[- \+](plus\|\+)?[- \+](pro\|hd)?)\|(cinema(s?) ?pl[aeiou]+s)\.Service">/Library/</item> -->
	<!-- <item type="contentAtPath" relativeTo="home" restart="true" filename="flashmall" havingContent="">/Library/LaunchAgents/</item> -->
	<!-- <item type="contentAtPath" relativeTo="home" restart="true" filename="shopp?y.?mate" havingContent="">/Library/LaunchAgents/</item> -->
	<!-- <item type="contentAtPath" relativeTo="home" restart="true" filename="palmall" havingContent="">/Library/LaunchAgents/</item> -->
	<!-- <item type="contentAtPath" relativeTo="home" restart="true" filename="(cinema(s?)[- \+](plus\|\+)?[- \+](pro\|hd)?)\|(cinema(s?) ?pl[aeiou]+s)" havingContent="">/Library/LaunchAgents/</item> -->
	<!-- <item type="contentAtPath" restart="true" filename="(cinema(s?)[- \+](plus\|\+)?[- \+](pro\|hd)?)\|(cinema(s?) ?pl[aeiou]+s)" havingContent="">/Library/LaunchAgents/</item> -->
	<!-- <item type="contentAtPath" restart="true" filename="(cinema(s?)[- \+](plus\|\+)?[- \+](pro\|hd)?)\|(cinema(s?) ?pl[aeiou]+s)" havingContent="">/Library/LaunchDaemons/</item> -->
	<!-- <item type="contentAtPath" filename="com\.crossrider\.wss\d+\.agent\.plist" relativeTo="home" unload="true" restart="true">Library/LaunchAgents/</item> -->
	<File>/Users/*/Library/LaunchAgents/WebSocketServerApp</File>
	<File>/Users/*/Library/LaunchAgents/com.webhelper.plist</File>
	<File>/Users/*/Library/LaunchAgents/com.webtools.update.agent.plist</File>
	<File>/Users/*/Library/LaunchAgents/com.webtools.uninstaller.plist</File>
	<!-- <item type="contentAtPath" filename="com\.webhelper\..*\.plist" havingContent="/Library/Application Support/webhelper">/Library/LaunchAgents</item> -->
	<!-- <item type="contentAtPath" relativeTo="home" filename="com\.webtools\..*\.plist" havingContent="Library/Application Support/WebTools">Library/LaunchAgents</item> -->
	<File>/Users/*/Library/Application Support/webHelperApp/</File>
	<File>/Users/*/Library/Application Support/webhelper/</File>
	<File>/Users/*/Library/Application Support/WebTools/</File>
	<File>/Users/*/Library/WebTools/</File>
	<File>/Users/*/Library/flashmall/</File>
	<File>/Applications/WebTools.app</File>
	<File>/Users/*/Applications/flashmall.app</File>
	<!-- <item type="contentAtPath" filename="cinema(s?)[- \+]((plus)\|(pro))[- \+0123456789]">/Applications</item> -->
	<!-- <item type="contentAtPath" relativeTo="home" filename="cinema(s?)[- \+]((plus)\|(pro))[- \+0123456789]">Applications</item> -->
	<File>/Users//Library/Application Support/Firefox/Profiles//user.js</File>
	<File>/Users/*/Library/cinemapro1-2</File>
	<File>/Users/*/Library/LaunchAgents/UpdateDownloader</File>
	<!-- <item type="contentAtPath" relativeTo="home" restart="true" filename="\.agent\.plist" havingContent="UpdateDownloader">Library/LaunchAgents/</item> -->
	<!-- <item type="contentAtPath" relativeTo="home" filename="com\.extensions\.updater[0123456789]*\.ver">Library/LaunchAgents/</item> -->
	<File>/Users/*/Library/ScriptingAdditions/BrowserHelper.osax</File>
	</Adware>
	<Adware>
	<AdwareName>DreamsAdNetwork</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>FlashFree</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>PremierOpinion" compromise="http://www.adwaremedic.com/kb/premieropinion.php</AdwareName>
	<File>/Applications/PremierOpinion</File>
	<File>/Library/LaunchDaemons/PremierOpinion.plist</File>
	<File>/i</File>
	</Adware>
	<Adware>
	<AdwareName>Ask Toolbar</AdwareName>
	<File>/Users/*/Library/Application Support/Sponsors.framework</File>
	</Adware>
	<Adware>
	<AdwareName>Recipe Hub</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>iLivid</AdwareName>
	</Adware>
	<Adware>
	<AdwareName>CustomSearch</AdwareName>
	<File>/Users/*/Applications/SilentInstaller.app</File>
	</Adware>
	<Adware>
	<AdwareName>OperatorMac</AdwareName>
	<!-- <item type="path" havingContent="Opti[ -]?Page" relativeTo="ffprofile">searchplugins/mySearchPlug.xml</item> -->
	<!-- <item type="contentAtPath" relativeTo="home" havingContent="var\suserid_uuid=[^;];\svar\s[^=]*=.http://www\.hmining\.mobi" subfile="main.js">Library/Application Support/Google/Chrome/Default/</item> -->
	<File>/Users/*/Library/Application Support/Google/Chrome/Default/Preferences</File>
	</Adware>
	<Adware>
	<AdwareName>ListenToYouTube</AdwareName>
	<!-- <item type="contentAtPath" unload="true" restart="true" havingContent="<string>/Library/Application Support/ListenToYoutube/[^/]*/ListenToYoutube</string>">/Library/LaunchDaemons/</item> -->
	<File>/Library/Application Support/ListenToYoutube</File>
	</Adware>
	</AdwareDefinition>w