In this article, we will show you how to deal with unresolved items in Time Machine Backups, Boot Camp and Parallels.
Malicious items in Time Machine
NOTE: Right click on the image and open it in a new tab to view it in full size.
The system doesn’t allow removal of infected backup content directly from Time Machine. It is safe to exclude your backups from scanning. In case you restore any infected files from a backup, Bitdefender Antivirus for Mac will detect them.
By default, Bitdefender is set not to scan content in backups, but there are certain situations in which you might need to exclude Time Machine from scanning,
How to exclude Time Machine backup disk from scanning
1. Click on the top menu bar icon of Bitdefender.
2. Click on Preferences.
3. Go to Exclusions.
4. In the exclusions windows click on “+” button and navigate and choose your Time Machine backup disk. Alternatively you can drag the drive to the exclusions list.
5. If prompted, please insert the administrator password; the drive will no longer be scanned.
NOTE: If you use this volume for storage as well, then exclude only the folder with the backups, not the entire volume.
To remove malware items from backups, you can use Time Machine:
• Click on the Time Machine icon in the upper menu bar and select Enter Time Machine.
NOTE: If the Time Machine menu is not shown in the menu bar, click on the Apple icon in the upper left corner and select System Preferences. Click on Time Machine, then select Show Time Machine in menu bar.
• Browse through the backups Time Machine created.
• Select the item you want to delete, then click the Action menu button, represented by the and choose Delete All Backups of [name of infected item].
To find the exact path of the malicious item, check the history tab in Bitdefender Antivirus for Mac.
• Click on the Bitdefender icon in the top menu bar.
• Select Preferences.
• Go to the History tab and in the Details column you will see the full path of the file.
Time Machine local snapshots/MobileBackups/com.apple.TimeMachine.localsnapshots
Time Machine saves some of its backups to your startup drive, when your backup drive is not connected. These backups are called local snapshots. They are automatically enabled when you turn on Time Machine, and disabled when you turn Time Machine off.
If they contain malware items, these snapshots should be deleted, by following the steps detailed below:
1. Click on the Apple icon in the upper left corner of the screen.
2. Click on System Preferences.
3. Select Time Machine.
4. Uncheck the Back Up Automatically option (for Sierra) or turn OFF Time Machine (for older macOS versions).
5. Reboot your system. After the reboot, all the local snapshots will be deleted.
6. Now reactivate Time Machine.
How to deal with malware items in Boot Camp/Parallels
Antivirus for Mac cannot delete malware from Parallels or Boot Camp because it cannot modify files on NTFS drives.
NOTE: Bitdefender Antivirus for Mac can only scan NTFS drives. To get rid of malware items, we advise you to exclude Boot Camp and Parallels from scanning and install a Windows-compatible Bitdefender product on the infected systems.
How to exclude Boot Camp from scanning
• Click on the top menu bar icon of Bitdefender
• Click on Preferences.
• Go to Exclusions.
• In the exclusions windows click on “+” button and navigate and choose Boot Camp. Alternatively you can drag the drive to the exclusions list.
• If prompted, please insert the administrator password; the drive will no longer be scanned.
How to exclude Parallels from scanning
• Open the Parallels app.
• Click on the Settings button in the Control Center window.
• Select Options in the upper part of the window.
• Click on Sharing, then select Share Windows in the right side.
• Uncheck the Shortcuts to virtual disks on Mac desktop option.