KnockKnock

KnockKnock displays persistent startup items (scripts, commands, binaries, executables, Login Items, kexts, LaunchAgents, etc., that are set to execute automatically on OS X. Although signed-Apple binaries are filtered out, legitimate 3rd-party software will likely be displayed. This is useful for troubleshooting annoying behaviors of applications or malware infections. Once launched, you just click the Start Scan button at the top to scan for persistently installed software in these locations: Authorization Plugins Browser Extensions Kernel Extensions Launch Items Library Inserts Login Items Spotlight Importers