Girl with kid

Offer for existing members: Upgrade for Free*

Cybercrime has evolved. Our protection has too. *For the remainder of your subscription. Terms apply.

Common loading points for viruses, worms, and Trojan horse programs on Mac

적용 가능: Mac

The most effective way to prevent and detect threats is to have a Norton security product installed and its virus definitions up to date. If you think your computer is infected, check for any suspicious login items, files, or processes in some of the common places on your Mac as listed in this article.

STEP 1

Verify the Login Items and administrator accounts

  1. On the menu bar, click the Apple icon and select System Preferences.

  2. Under the System pane, click Accounts and review the list of Mac user account.

    You should disable the Guest Account, if the Administrator has not enabled it for any user of your Mac. Check any other user account that seems suspicious to ensure that it is a legitimate account for your Mac.

  3. On the top-right corner of the Accounts window, to look for any suspicious login items that have loaded, click Login Items.

    Review these items to verify that they are legitimate and logically named. Any login item that is suspicious and unknown should be investigated further. To reveal where on the drive the suspicious Login Item loads from, right-click on the item and select Reveal in Finder.

STEP 2

Check for unusual files at common loading points

  1. On the menu bar, click Go and select Go to Folder.

  2. In the dialog box that appears, type the location of the folders exactly as they appear in the list, and click Go.

    • /System/Library/LaunchAgents

    • /System/Library/LaunchDaemons

    • /System/Library/StartupItems

    • /Library/LaunchAgents

    • /Library/LaunchDaemons

    • /Library/StartupItems

    • ~/Library/LaunchAgents

    • ~/Library/LaunchDaemons

    The Property List files (.plist) that are in an XML format are displayed and can be reviewed with a text editor.

  3. In the LaunchAgents and LaunchDaemon folders, search for any .plist files that are named suspiciously, and then double-click to open them in TextEdit.

  4. In the TextEdit window, check for the <key>ProgramArguments</key> section to verify the location of the item loaded by the .plist file.

    If these items appear to be unknown or suspicious, submit the samples of the files that the .plist loads to Norton Submission Portal.

    You need to submit the UNIX Executable file from the path that is indicated in the .plist file, for e.g. /Library/Application Support/Norton/Silo/NFM/LiveUpdate/LUTool.

STEP 3

Look for any suspicious processes that are running on your Mac

  1. On the menu bar, click Go, and then select Utilities.

  2. Double-click Activity Monitor.

  3. Review the list for any processes that look suspicious to investigate further.

  4. In the top-right corner of the Activity Monitor, select one of the following from the drop-down menu:

    • To look for the processes that are associated with the logged in user account, select My Processes.

    • To check the processes that are associated with other user accounts on the Mac, select Other User Processes.

  5. To verify the open files and ports from where this process originates and what files it uses, select a suspicious process, and click Inspect.

  6. To quit the process, click Quit Process.

Need more help?

문서 번호: v59310362
최근 수정된 날짜: 04/24/2025

이 글이 도움 되었나요?

다운로드
내 계정 관리
구매 및 갱신
문의하기
사이버 사기
Norton 구조 도구
바이러스가 있다고 생각하십니까?
Windows에서 실행 시 문제