.Super Cool Investigative information for a Malware type investigations. This is one of the way modern malware maintains persistence in the system across shutdowns and reboots.
- LaunchAgents
- User Level and contains background user process
- /System/Library/LaunchAgents
- /Library/LaunchAgents
- ~/Library/LaunchAgents
- LaunchDaemons
- Background System Process for MacOs
- /System/Library/LaunchDaemons
- /Library/LaunchDeamons
- StartupItems
- LoginItems - ~/Library/Preferencescom.apple.loginitems.plist
RSS Feed