You might try running the command
sudo dtrace -qn 'syscall::open:entry /arg1&O_CREAT/ {printf("%5d %s file:%s\n",pid,execname,copyinstr(arg0));}' | grep '[:/]0$'
in a terminal window. The dtrace
output will list the process ID, process name, and filename argument for any open()
call with the O_CREAT
flag set, meaning it will create the file if it does not already exist. Drop the final grep bit if you want to see all potentially file creating open()
calls, but then the output might possibly overwhelm you. Hit ctrl-C when you're done with it.
If something keeps creating files named 0
, the culprit ought to show up in the output.
(Edit: Fixed the grep invocation.)
Yes, the downloads folder comes default with a PDF explaining what that folder is there for. But there should be no "invisible" file.
If you'd like to investigate the matter more, fire up Terminal (Applications/Utilities) and type the following commands (or copy paste them). If you are new to the commandline, it is one per line and hit ENTER after each:
cd ~/Downloads
ls -la
The first will navigate to your Downloads folder. The second will list all the files in it, hidden or not.
The following is a print-out of my Downloads folder:
drwx------+ 9 cksum staff 306 6 Sep 08:16 .
drwxr-xr-x+ 25 cksum staff 850 6 Sep 09:11 ..
-rw-r--r--@ 1 cksum staff 21508 6 Sep 08:16 .DS_Store
-rw-r--r-- 1 cksum staff 0 3 Aug 13:25 .localized
-rw-r--r--@ 1 cksum staff 130035 3 Sep 19:37 1297608696_001.jpg
-rw-r--r--@ 1 cksum staff 157957 3 Sep 21:55 Radioactive_Man_Number_One_v_1024.jpg
-rw-r--r--@ 1 cksum staff 87189 5 Sep 19:51 Screen Shot 2011-09-05 at 7.51.40 PM.png
The "d" in front of all those other letters (rw-r--r, etc.) denotes a directory (or a folder). If there is none, that means it's a file (or a document of some kind). You can see the size of the file/folder in the column after "staff" (this is the group you belong too). And lastly, the date the file was created and the file name.
There are no relevant or important system files that are placed in Downloads. This is simply files the user downloads. I can't speak why it's there, but I can assure you that deleting it will not cause any harm to your system.
Best Answer
You can query the package receipt database.
on a machine running OS X 10.6 the results are