In this article, we will show you how to deal with unresolved items in Time Machine Backups, Boot Camp and Parallels.
Malicious items in Time Machine
NOTE: Right click on the image and open it in a new tab to view it in full size.
The system doesn’t allow removal of infected backup content directly from Time Machine. It is safe to exclude your backups from scanning. In case you restore any infected files from a backup, Bitdefender Antivirus for Mac will detect them.
By default, Bitdefender is set not to scan content in backups, but there are certain situations in which you might need to exclude Time Machine from scanning,
How to exclude Time Machine backup disk from scanning
1. Click on the top menu bar icon of Bitdefender.
2. Click on Preferences.
3. Go to Exclusions.
4. In the exclusions windows click on “+” button and navigate and choose your Time Machine backup disk. Alternatively you can drag the drive to the exclusions list.
5. If prompted, please insert the administrator password; the drive will no longer be scanned.
NOTE: If you use this volume for storage as well, then exclude only the folder with the backups, not the entire volume.
To remove malware items from backups, you can use Time Machine:
• Click on the Time Machine icon in the upper menu bar and select Enter Time Machine.
NOTE: If the Time Machine menu is not shown in the menu bar, click on the Apple icon in the upper left corner and select System Preferences. Click on Time Machine, then select Show Time Machine in menu bar.
• Browse through the backups Time Machine created.
• Select the item you want to delete, then click the Action menu button, represented by the and choose Delete All Backups of [name of infected item].
To find the exact path of the malicious item, check the history tab in Bitdefender Antivirus for Mac.
• Click on the Bitdefender icon in the top menu bar.
• Select Preferences.
• Go to the History tab and in the Details column you will see the full path of the file.
Time Machine local snapshots/MobileBackups/com.apple.TimeMachine.localsnapshots
Time Machine saves some of its backups to your startup drive, when your backup drive is not connected. These backups are called local snapshots. They are automatically enabled when you turn on Time Machine, and disabled when you turn Time Machine off.
With High Sierra, the OSX saves the Local Snapshots differently than the older OSX and for this reason; you should exclude them from being scanned by Bitdefender:
• Hold the Command+Shift buttons then press on the . (dot) button;
• This will enable the option to view hidden files;
• Hold the Command button and press Space;
• This will open the Spotlight search window;
• Type /Volumes and press Enter;
• Leave the new window open, for now;
• Click on the Bitdefender icon from the Menu bar;
• Select Preferences and then select Exclusions;
• From the Volumes window, drag and drop the file presented below over to the Bitdefender Exclusions window:
• You should be able to see a new entry in the Exclusions list;
• Hold the Command+Shift buttons and press on the . (dot) button once more to disable the option to view hidden files;
• Reboot the computer and check if the issue still persists.
For older OSX, these snapshots should be deleted, by following the steps detailed below:
1. Click on the Apple icon in the upper left corner of the screen.
2. Click on System Preferences.
3. Select Time Machine.
4. Uncheck the Back Up Automatically option (for Sierra) or turn OFF Time Machine (for older macOS versions).
5. Reboot your system. After the reboot, all the local snapshots will be deleted.
6. Now reactivate Time Machine.
How to deal with malware items in Boot Camp/Parallels
Antivirus for Mac cannot delete malware from Parallels or Boot Camp because it cannot modify files on NTFS drives.
NOTE: Bitdefender Antivirus for Mac can scan NTFS drives but it cannot take action regarding any files. To get rid of malware items, we advise you to exclude Boot Camp and Parallels from scanning and install a Windows-compatible Bitdefender product on the infected systems.
If you use Boot Camp/ Parallels for saving important documents, sending emails, we recommend you to send us a Bdsys log from Windows OS like in the article here and samples from Windows partition. Besides the Bdsys log and the samples, send us some pictures displaying the infected items and a Scan log from your Mac device. We recommend you to use security solution also on your Windows partition.
If you use Boot Camp/Parallels for testing of for playing games, we recommend you to exclude Boot Camp/Parallels from scanning.
How to exclude Boot Camp from scanning
• Click on the top menu bar icon of Bitdefender
• Click on Preferences.
• Go to Exclusions.
• In the exclusions windows click on “+” button and navigate and choose Boot Camp. Alternatively you can drag the drive to the exclusions list.
• If prompted, please insert the administrator password; the drive will no longer be scanned.
How to exclude Parallels from scanning
• Open the Parallels app.
• Click on the Settings button in the Control Center window.
• Select Options in the upper part of the window.
• Click on Sharing, then select Share Windows in the right side.
• Uncheck the Shortcuts to virtual disks on Mac desktop option.