ChrisWrites.com
  • How-To
  • Latest News
  • Mac OS X
  • Safari
  • iTunes
  • iOS
ChrisWrites.com
  • How-To
  • Latest News
  • Mac OS X
  • Safari
  • iTunes
  • iOS
ChrisWrites.com
  • How-To
  • Latest News
  • Mac OS X
  • Safari
  • iTunes
  • iOS
Mac Apps

Boost your Mac’s performance and track down malware, with KnockKnock

5:32 am
Add Comment
Chris
4 Min Read

If you love trying out new applications, then it’s easy to lose track of the programs that launch automatically, every single time you boot up your Mac.

Having a tonne of programs running in the background is bad news for performance, so identifying apps that don’t need to launch at startup is one of the easiest ways to boost your Mac’s performance – and it can even help you identify potential malware!

The majority of malware executes automatically as soon as you log into your user account, so reviewing the software that launches at startup can help you zero in on any malicious software that’s found its way onto your Mac.

While your Mac’s System Preferences does list the applications that launch at startup, it isn’t just applications that you need to worry about! In this article, we’re going to dig a bit deeper and uncover everything that launches every single time you boot up your Mac, including scripts, cron jobs, kernel extensions and browser extensions.

KnockKnock…who’s there?

KnockKnock is an application that scans locations where persistent software and malware is commonly installed. KnockKnock then displays detailed information about all the items it discovers in these locations, that are set to launch at startup. Armed with this data, you can decide whether an item really does need to launch automatically, and whether it may actually be malware.

Note that by default, KnockKnock filters out signed Apple and white-listed items, so these won’t appear in your KnockKnock results.

To perform a scan:

  • Head over to the Objective-C website and download the latest version of KnockKnock. Although you can download KnockKnock for free, if you find this app useful then you should consider donating to the developer.
  • Unzip and launch KnockKnock.
  • Click ‘Start Scan.’
  • After a few moments, KnockKnock will return your results, broken down into sections.

Work your way through these sections, and you’ll see the following information for each item that KnockKnock has detected:

  • The item’s name.
  • A colour-coded lock. Green means that this item is signed by Apple; black means it’s signed by a third party; and an orange, open lock indicates that this item is unsigned.
  • The full file path. You can jump straight to this location in a new Finder window, by clicking the ‘Show’ button.
  • A ‘VirusTotal’ score. VirusTotal is an online malware detection service that provides aggregated data based on the output of various antivirus engines, website scanners, URL and file analysis tools, plus user contributions such as comments and votes. If the item is associated with known malware, then both its name and VirusTotal score will be highlighted red.

To view even more information about the item, click its accompanying ‘info’ button, which launches a popup containing the following information:

  • Hash. This is a string of characters that uniquely identifies this file. Some developers and organisations publish an official list of hashes for their software. Modifying a file in any way will change its hash, so you can check whether a file has become corrupted or been maliciously tampered with, by comparing its hash to the list of official hashes. For example, if you downloaded some software from a third party website, and the third party modified the software to include adware, then its hash will be different to the official list of hashes.
  • Size. How much space this item is taking up.
  • Time. When this item was created, and when it was modified last.
  • List. Wherever possible, KnockKnock will display an item’s plist, which is a text or binary document containing the item’s properties and settings.
  • Signed. Whether the application is signed, and the individual or organisation who this certificate is associated with, if available. Note that just because an application is unsigned, doesn’t automatically mean it’s untrustworthy.

When reviewing your results, just be aware that KnockKnock will list all items that are set to launch at startup, except for signed Apple and white-listed items. It’s highly likely that your KnockKnock results will include lots of legitimate software that should be launching at startup, so don’t panic if KnockKnock returns a long list of software!

Before you go

After spending over 20 years working with Macs, both old and new, theres a tool I think would be useful to every Mac owner who is experiencing performance issues.

CleanMyMac is highest rated all-round cleaning app for the Mac, it can quickly diagnose and solve a whole plethora of common (but sometimes tedious to fix) issues at the click of a button. It also just happens to resolve many of the issues covered in the speed up section of this site, so Download CleanMyMac to get your Mac back up to speed today.

mac-pc

TagsApple knock knock knockknock login Mac macos malware Performance startup virustotal

You may also like

Mac Apps

Upgrade your Spotlight searches with Alfred

January 8, 2019
How-To • Mac Apps

Clear all memory-hogging email attachments from Apple’s Mail

December 28, 2018
How-To • Mac Apps

How to restore macOS from a Time Machine backup

December 20, 2018

About the author

View All Posts

Chris

I've been a passionate evangelist for Apple and the Macintosh throughout my working life, my first love was a Quadra 605 working with a small creative agency in the south of Norfolk UK in the mid 1990's, I later progressed to other roles in other Macintosh dominated industries, first as a Senior graphic designer at a small printing company and then a production manager at Guardian Media Group. As the publishing and printing sector wained I moved into Internet Marketing and in 2006 co-founded blurtit.com which grew to become one the top 200 visited sites in the US (according to Quantcast), at its peak receiving over 15 million visits per month. For the last ten years I have worked as an Affiliate and Consultant to many different business and start ups, my key skill set being online marketing, on page monetisation, landing page optimisation and traffic generation, if you would like to hire me or discuss your current project please reach out to me here.

You can also follow me on: Twitter and Linkedin

Add Comment

Click here to post a comment

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Copyright © 2017.
  • Contact Me
  • Cookie Policy
  • Disclosure
  • Privacy Policy
We value your privacy
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
 

Loading Comments...