bobandris Author

Level 1

39 points

What is latest.zip file?

What is latest.zip file?

This file has recently started showing up at the root level of my iMac running the latest "High Sierra". If I double-click "Macintosh HD" (the internal boot drive) I see the following four folders: System, Applications, Library, Users; and zero-bytes zip file titled "latest.zip". If I delete it it will show up again after the next boot. If I do not delete it will show up with a Creation date indicating when it was originally created and a Modified date indicating when the most recent boot occurred, yet still only zero-bytes in size.

Any ideas what it is? Any ideas how it is being created? Any ideas how to eliminate it?

Many Thanks,

Bob

iMac, macOS High Sierra (10.13.2), iTunes 12.6.3.6

Posted on May 18, 2018 11:04 AM

Reply

Similar questions

6 replies

Level 4

1,185 points

May 19, 2018 6:37 AM in response to putnik

I would make a bootable clone, download the full installer from MAS and copy it to the external. Then make a note of your absolutely necessary third party software (only) and any registration numbers you may need for re-installing them.

Make a clean install. Boot to the clone, erase and reformat the hard disk (for an iMac with a Fusion Drive, this is a bit special) and re-install a simple functional system by downloading up-to-date installers from the developer's websites.

Then copy across only your necessary data to the new User Account, without using setup or migration assistant, to avoid copying back any crud. If you have the data in iCloud already, this is a fairly easy process.

It may take a few hours, but your computer is presently a real mess. (Well, only my opinion:)

https://bombich.com

https://support.apple.com/en-us/HT208033

Reply

Level 4

1,185 points

May 18, 2018 11:07 AM in response to bobandris

You might try running Etrecheck and posting the results on here. Maybe a process is loading at startup that can be identified.

https://etrecheck.com

Reply

Level 10

123,442 points

May 18, 2018 2:37 PM in response to bobandris

It isn't anything from the OS. It is probably put there by one of the many system modifications you have installed.

With a name like "latest," I would assume something that either syncs data or does some sort of useless maintenance.

Reply

Level 4

1,162 points

May 18, 2018 12:57 PM in response to bobandris

It's compressed file you need when backup.

Reply

bobandris Author

Level 1

39 points

May 18, 2018 1:24 PM in response to putnik

Here is the EtreCheck 4.3 Report:

EtreCheck version: 4.3 (4D007)

Report generated: 2018-05-18 13:01:42

Download EtreCheck from https://etrecheck.com

Runtime: 3:30

Performance: Good

Problem: Other problem

Description:

What is latest.zip file?

This file has recently started showing up at the root level of my iMac running the latest "High Sierra". If I double-click "Macintosh HD" (the internal boot drive) I see the following four folders: System, Applications, Library, Users; and a zero-bytes zip file titled "latest.zip". If I delete it it will show up again after the next boot. If I do not delete it will show up with a Creation date indicating when it was originally created and a Modified date indicating when the most recent boot occurred, yet still only zero-bytes in size.

Any ideas what it is? Any ideas how it is being created? Any ideas how to eliminate it?

Major Issues: None

Minor Issues:

These issues do not need immediate attention but they may indicate future problems.

Modified suoders file- The sudoers file has been modified. This is unusual and is sometimes evidence of malware.

Apps crashing- There have been numerous app crashes.

Clean up- There are orphan files that could be removed.

Small backup drive- Time Machine backup drive is too small.

Unsigned files- There is unsigned software installed. They appear to be legitimate but should be reviewed.

System modifications- There are a large number of system modifications running in the background.

32-bit Apps- This machine has 32-bits apps that may have problems in the future.

Hardware Information:

iMac (21.5-inch, Late 2012)

iMac Model: iMac13,1

1 2.7 GHz Intel Core i5 (i5-3330S) CPU: 4-core

8 GB RAM - Upgradeable

BANK 0/DIMM0 - 4 GB DDR3 1600 ok

BANK 1/DIMM0 - 4 GB DDR3 1600 ok

Video Information:

NVIDIA GeForce GT 640M - VRAM: 512 MB

iMac 1920 x 1080

Drives:

disk0 - APPLE HDD ST1000LM024 1.00 TB (Mechanical)

Internal SATA 3 Gigabit Serial ATA

disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB

disk0s2 - Macintosh HD (Journaled HFS+) 947.34 GB

disk0s3 - Recovery HD [Recovery] 650 MB

disk0s4 - W********D (NTFS) 52.00 GB

Mounted Volumes:

disk0s2 - Macintosh HD 947.34 GB (549.21 GB free)

Journaled HFS+

Mount point: /

disk0s4 - W********D 52.00 GB (22.73 GB free)

NTFS

Mount point: /Volumes/W********D

Network:

Interface en1: Wi-Fi

802.11 a/b/g/n

One IPv4 address

2 IPv6 addresses

Interface en0: Ethernet

One IPv4 address

2 IPv6 addresses

Interface en4: Ethernet Adaptor (en4)

Interface en5: Bluetooth PAN

Interface bridge0: Thunderbolt Bridge

iCloud Quota: 24.97 GB available

System Software:

macOS High Sierra 10.13.4 (17E202)

Time since boot: Less than an hour

System Load: 2.31 (1 min ago) 1.68 (5 min ago) 0.82 (15 min ago)

Configuration Files:

File /etc/sudoers size: Found 1446 B but expected 1563 B

Security:

System	Status
Gatekeeper	Mac App Store and identified developers
System Integrity Protection	Enabled

Unsigned Files:

Launchd: /Library/LaunchAgents/syncmateStarter.plist

Executable: /Library/Application Support/EltimaSyncMate/SyncMateServer.app/Contents/MacOS/SyncMateServer

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/net.culater.SIMBL.Agent.plist

Executable: /Library/ScriptingAdditions/SIMBL.osax/Contents/Resources/SIMBL Agent.app/Contents/MacOS/SIMBL Agent

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.maintain.ShutDown.plist

Executable: /usr/bin/osascript -e delay 3 -e try -e do shell script "killall Cocktail" -e end try -e ignoring application responses -e try -e tell application "System Events" to shut down -e end try -e end ignoring

Details: Exact match found in the whitelist - probably OK

Launchd: ~/Library/LaunchAgents/com.apple.SafariBookmarksSyncer.plist

Executable: /Applications/Safari.app/Contents/SafariSyncClient.app/Contents/MacOS/SafariSyn cClient --sync com.apple.Safari --entitynames com.apple.bookmarks.Bookmark,com.apple.bookmarks.Folder

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.hidden.daemon.plist

Executable: /usr/local/hidden/Hidden.app/Contents/MacOS/Hidden

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist

Executable: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.sharpcast.xfsmond.plist

Executable: /Library/Application Support/SugarSync/scxfsmond -log error -launchd

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.bombich.ccc.plist

Executable: /Library/PrivilegedHelperTools/com.bombich.ccc

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.oracle.java.Java-Updater.plist

Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/rapiback.plist

Executable: /Library/Application Support/EltimaSyncMate/BackService.app/Contents/MacOS/rapiback

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.rogueamoeba.hermes.plist

Executable: /usr/local/hermes/bin/hermesctl update

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.maintain.LogOut.plist

Executable: /usr/bin/osascript -e delay 3 -e try -e do shell script "killall Cocktail" -e end try -e ignoring application responses -e try -e tell application "System Events" to log out -e end try -e end ignoring

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.maintain.Sleep.plist

Executable: /usr/bin/osascript -e delay 3 -e try -e do shell script "killall Cocktail" -e end try -e ignoring application responses -e try -e tell application "System Events" to sleep -e end try -e end ignoring

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.maintain.Restart.plist

Executable: /usr/bin/osascript -e delay 3 -e try -e do shell script "killall Cocktail" -e end try -e ignoring application responses -e try -e tell application "System Events" to restart -e end try -e end ignoring

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist

Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool

Details: Exact match found in the whitelist - probably OK

32-bit Applications:

132 32-bit apps

Kernel Extensions:

/Library/Extensions

[Loaded] SystemAudioRecorder.kext (Wondershare Software Co., Ltd, 1.1.0 - SDK 10.9)

/System/Library/Extensions

[Not Loaded] FTDIUSBSerialDriver.kext (2.2.17 - SDK 10.6)

[Not Loaded] SusteenUsbCable.kext (1.2.0)

[Not Loaded] Kodak_PrinterDock_Merge.kext (1.0.0)

[Not Loaded] LogitechQuickCam.kext (1.0.7)

[Not Loaded] daspi.kext (1.4)

[Not Loaded] ManyCamDriver.kext (0.0.9)

[Not Loaded] HotSync Classic Seize.kext (3.1)

[Not Loaded] ProlificUsbSerial.kext (1.2.1)

[Not Loaded] Tether.kext (1.1.0d3 - SDK 10.4)

[Loaded] Tether64.kext (1.1.0d3 - SDK 10.6)

[Loaded] HermesAudio.kext (3.0.1)

[Not Loaded] iSpy.kext (2.0.1)

[Not Loaded] IODVDImage.kext (1.0.0.89)

/System/Library/Extensions/2.2.0/Belcarra.USBLAN_netpart.kext/Contents/Plug-Ins

[Not Loaded] Belcarra.USBLAN_netpart.kext (1.6.3)

/System/Library/Extensions/2.2.0/Belcarra.USBLAN_usbpart.kext/Contents/Plug-Ins

[Not Loaded] Belcarra.USBLAN_usbpart.kext (1.6.3)

/System/Library/Extensions/2.2.0/RemoteControl.USBLAN_usbpart.kext/Contents/Plug -Ins

[Not Loaded] RemoteControl.USBLAN_usbpart.kext (1.6.2)

/System/Library/Extensions/Belcarra.USBLAN_netpart.kext/Contents/PlugIns

[Not Loaded] Belcarra.USBLAN_netpart.kext (1.6.1)

/System/Library/Extensions/Belcarra.USBLAN_usbpart.kext/Contents/PlugIns

[Not Loaded] Belcarra.USBLAN_usbpart.kext (1.6.1)

/System/Library/Extensions/RemoteControl.USBLAN_usbpart.kext/Contents/PlugIns

[Not Loaded] RemoteControl.USBLAN_usbpart.kext (1.6.1)

/System/Library/Extensions/Unsupported

[Not Loaded] Soundflower.kext (1.5.2)

[Not Loaded] EyeTVAfaTechHidBlock.kext (1.1)

[Not Loaded] EyeTVCinergy450AudioBlock.kext (1.1)

[Not Loaded] EyeTVCinergyXSAudioBlock.kext (1.1)

[Not Loaded] EyeTVEmpiaAudioBlock.kext (1.1)

[Not Loaded] EyeTVVoyagerAudioBlock.kext (1.1)

[Not Loaded] EyeTVClassicDontSeize.kext (1.1.2)

[Not Loaded] EltimaAsync.kext (0.2.5b15)

System Launch Agents:

[Not Loaded]	8 Apple tasks
[Loaded]	183 Apple tasks
[Running]	101 Apple tasks
[Other]	One Apple task

System Launch Daemons:

[Not Loaded]	36 Apple tasks
[Loaded]	190 Apple tasks
[Running]	108 Apple tasks
[Other]	One Apple task

Launch Agents:

[Not Loaded]	com.maintain.ShutDown.plist (? 83dbe49b - installed 2018-03-27)
[Running]	com.maintain.SystemEvents.plist (Apple - installed 2018-03-27)
[Not Loaded]	com.maintain.Restart.plist (? b392741a - installed 2018-03-27)
[Other]	com.orbicule.uclocator.plist (? 487be715 - installed 2011-06-24)
[Not Loaded]	com.maintain.LogOut.plist (? 52c16c4b - installed 2018-03-27)
[Not Loaded]	com.maintain.PurgeInactiveMemory.plist (Apple - installed 2018-04-18)
[Not Loaded]	com.google.keystone.agent.plist (? c634c19d - installed 2016-03-01)
[Loaded]	com.oracle.java.Java-Updater.plist (? b19eddaf - installed 2016-09-22)
[Not Loaded]	com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a2 3d420d.plist (? ed2af8df - installed 2015-10-13)
[Loaded]	com.maintain.CocktailSystemEvents.plist (Apple - installed 2018-03-30)
[Not Loaded]	com.maintain.Sleep.plist (? 269361ac - installed 2018-03-27)
[Running]	syncmateStarter.plist (? 6f95808e - installed 2012-01-10)
[Not Loaded]	net.culater.SIMBL.Agent.plist (? 850e6250 - installed 2011-10-22)

Launch Daemons:

[Loaded]	com.adobe.ARMDC.SMJobBlessHelper.plist (? 1574c81e - installed 2015-10-13)
[Loaded]	com.chickenbyte.IconBoxHelper.plist (? c4c5d01d - installed 2014-07-26)
[Running]	com.bombich.ccchelper.plist (Bombich Software, Inc. - installed 2018-05-16)
[Other]	com.orbicule.uclocator.plist (? a01bf3e4 - installed 2011-10-04)
[Running]	com.bombich.ccc.plist (? 41245744 - installed 2012-03-01)
[Loaded]	com.paragon-software.pm.helper.plist (Paragon Software GmbH - installed 2015-07-31)
[Loaded]	com.rogueamoeba.hermes.plist (? c18be5f1 - installed 2011-02-14)
[Loaded]	com.sharpcast.xfsmond.plist (? b88df7f - installed 2012-04-08)
[Loaded]	net.freemacsoft.LiteIcon.LIHelperTool.plist (Julien Ramseier - installed 2014-11-20)
[Loaded]	com.adobe.fpsaud.plist (Adobe Systems, Inc. - installed 2018-04-28)
[Loaded]	com.microsoft.office.licensing.helper.plist (? 6d8cb30e - installed 2010-08-25)
[Loaded]	com.oracle.java.Helper-Tool.plist (? e3fefdd2 - installed 2016-09-22)
[Loaded]	com.qdea.syncproxhelper.plist (Qdea - installed 2018-05-03)
[Loaded]	com.macpaw.CleanMyMac3.Agent.plist (? 7f4ba9a8 - installed 2016-05-11)
[Running]	com.hidden.daemon.plist (? 2b76c037 - installed 2013-10-24)
[Loaded]	com.adobe.ARMDC.Communicator.plist (? d94017c4 - installed 2015-10-13)
[Other]	com.orbicule.uc.plist (? 3f845be - installed 2011-10-04)
[Not Loaded]	com.maintain.HideSpotlightMenuBarIcon.plist (Apple - installed 2017-09-20)
[Loaded]	com.google.keystone.daemon.plist (? 6ee2490f - installed 2016-03-01)
[Running]	rapiback.plist (? 781899de - installed 2011-12-13)
[Loaded]	com.paragon-software.installer.plist (Paragon Software GmbH - installed 2015-07-31)
[Other]	com.taoeffect.ispyd.plist (? 54c63ac3 - installed 2010-11-24)
[Loaded]	jp.co.canon.MasterInstaller.plist (? d0637166 - installed 2017-09-21)

User Launch Agents:

[Other]	com.adobe.ARM.***.plist (? 0 - installed 2013-07-01)
[Not Loaded]	com.macpaw.CleanMyMac3.Scheduler.plist (? 0 - installed 2016-05-13)
[Running]	com.apple.SafariBookmarksSyncer.plist (? 0 - installed 2008-12-16)
[Loaded]	com.guid.boost.update.plist (? 0 - installed 2018-03-25)
[Loaded]	com.apple.AddressBook.ScheduledSync.PHXCardDAVSource.6ED9FD21-D4CD-42FD-A5CC-BB2 737EBF14F.plist (Apple - installed 2018-03-30)

User Login Items:

CCC User Agent Application (Bombich Software, Inc. - installed 2018-05-16)

(/Applications/Utilities/Carbon Copy Cloner 5.1.1/Carbon Copy Cloner.app/Contents/Library/LoginItems/CCC User Agent.app)

Internet Plug-ins:

Scorch: ScorchNetscapePlugin 4.1.4 build 1 (installed 2006-09-05)

o1dbrowserplugin: 5.41.3.0 (installed 2015-12-17)

SharePointBrowserPlugin: 14.0.0 (installed 2014-07-09)

Google Earth Web Plug-in: 6.0 (installed 2011-05-17)

OfficeLiveBrowserPlugin: 12.3.6 (installed 2014-07-03)

AdobePDFViewerNPAPI: 17.012.20098 (installed 2018-05-14)

FlashPlayer-10.6: 29.0.0.171 (installed 2018-05-08)

DivXBrowserPlugin: 1.3 (installed 2007-07-25)

PDF Browser Plugin: 2.1 (installed 2004-11-23)

QuickTime Plugin: 7.7.3 (installed 2018-03-30)

Flash Player: 29.0.0.171 (installed 2018-05-08)

googletalkbrowserplugin: 5.41.3.0 (installed 2015-12-11)

iPhotoPhotocast: 7.0 (installed 2008-10-28)

AdobePDFViewer: 18.011.20040 (installed 2018-05-14)

GarminGpsControl: 2.6.2.0 Release (installed 2008-09-22)

PDEPrint: 2.0 (installed 2004-05-05)

EPPEX Plugin: 10.0 (installed 2015-06-28)

ContentUploaderPlugin: 1.2 (installed 2007-07-25)

JavaAppletPlugin: Java 8 Update 111 build 14 (installed 2017-09-29)

User Internet Plug-ins:

Picasa: 1.0 (installed 2010-10-18)

Safari Extensions:

Adblock Plus.safariextz - Eyeo GmbH - https://adblockplus.org/(installed 2016-12-21)

1Password.safariextz - AgileBits - https://agilebits.com/onepassword(installed 2018-05-16)

AutoPagerize.safariextz - swdyh - http://autopagerize.net/ (installed 2010-08-04)

3rd Party Preference Panes:

Flash Player (installed 2018-04-28)

Java (installed 2016-09-22)

Time Machine:

Skip System Files: No

Mobile backups: No

Auto backup: Yes

Volumes being backed up:

Macintosh HD: Disk size: 947.34 GB - Disk used: 398.13 GB

Destinations:

T**********e [Local] (Last used)

Total size: 785.09 GB

Total number of backups: 41

Oldest backup: 2018-01-28 15:53:37

Last backup: 2018-05-18 12:47:38

Top Processes by CPU:

Process (count)	Source	% of CPU
mds_stores	Apple	17
WindowServer	Apple	4
kernel_task	Apple	3
sandboxd	Apple	0
SystemUIServer	Apple	0

Top Processes by Memory:

Process (count)	Source	RAM usage
kernel_task	Apple	776 MB
mdworker (16)	Apple	260 MB
mds_stores	Apple	183 MB
SafariBookmarksSyncAgent	Apple	106 MB
Dock	Apple	68 MB

Top Processes by Network Use:

Process	Source	Input	Output
mDNSResponder	Apple	592 KB	135 KB
usbmuxd	Apple	29 KB	24 KB
apsd	Apple	8 KB	18 KB
rapportd	Apple	1 KB	1 KB
SystemUIServer	Apple	679 B	28 B

Top Processes by Energy Use:

Process (count)	Source	Energy usage (0-100)
WindowServer	Apple	2
SystemUIServer	Apple	0
CommCenter	Apple	0
sharingd	Apple	0
com.apple.geod (2)	Apple	0

Virtual Memory Information:

Available RAM	4.85 GB
Free RAM	2.23 GB
Used RAM	3.15 GB
Cached files	2.62 GB
Swap Used	0 B

Clean up:

/Library/LaunchAgents/com.orbicule.uclocator.plist

/usr/bin/uc/uclocator

Executable not found

/Library/LaunchDaemons/com.orbicule.uclocator.plist

/usr/bin/uc/uclocator.app/Contents/MacOS/uclocator

Executable not found

/Library/LaunchDaemons/com.orbicule.uc.plist

/usr/bin/uc/uc

Executable not found

~/Library/LaunchAgents/com.adobe.ARM.***.plist

/Volumes/M***********n/A**********s/A*************0/A**************p/C******s/M* **S/U*****r/A*****************************p/C******s/M***S/A******************** *****r

Executable not found

/Library/LaunchDaemons/com.taoeffect.ispyd.plist

/Library/iSpy/ispyd

Executable not found

Diagnostics Information (past 7 days):

2018-05-18 12:56:42 SIMBL Agent.app Crash (20 times)

/Library/ScriptingAdditions/SIMBL.osax/Contents/Resources/SIMBL Agent.app

dyld: launch, running initializers

/usr/lib/libSystem.B.dylib

2018-05-18 12:51:06 guid.app Crash (20 times)

/Users/***/Library/Application Support/guid/guid.app

2018-05-16 06:21:23 quicklookd.app Crash

/System/Library/Frameworks/QuickLook.framework/Versions/A/Resources/quicklookd.a pp

quicklookd seems struck trying to quit, crashing

abort() called

2018-05-15 16:58:08 iTunes.app Hang

/Applications/iTunes.app

2018-05-12 08:40:40 Quicken.app Hang

/Applications/Quicken 5.5.7/Quicken.app

End of report

Reply

Level 9

70,267 points

May 18, 2018 3:11 PM in response to bobandris

You have an incredible amount of junk installed.

For the .zip file, it may be being created by iSpy, which you have installed as a kernel extension. This is supposedly what it does:

iSpy is the kernel extension associated with Espionage 2, a folder-encryption software package.

Why you would even bother to have something like this installed, I don't know.

I'm not quite sure where to even start with the rest of it. Other than for sure, get rid of Cocktail. It does nothing useful. Even more for sure, remove CleanMyMac, which is some of the worst garbage you can put on a Mac. There's no telling what damage CMM has done, and it's well known for that.

Why are you playing with system modifications, such as the icon changer? They may be fun, but such software is never good for any OS. You're forcing changes against how the OS is supposed to operate for no useful reason. Read - let's make the OS less stable.

Orbicule is useless. Anyone with even just a mediocre brain who steals your Mac is going to erase it. There's goes your so-called protection. Save your money. Can it.

@ pjir96

Uh, no. It has not one itty-bitty thing to do with backing up your Mac. It shouldn't be there at all.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

What is latest.zip file?

Welcome to Apple Support Community

A forum where Apple customers help each other with their products. Get started with your Apple Account.

Learn more Sign up