Trojan virus discovered on my time machine

I did a recent scan and found a trojan virus in an attempted e-mail. I was able to delete the e-mail, but unfortunately, about 10 days of my Time Machine backup backed it up to my external HDD. Is there a way to delete several days of backup, or should I just re-format the External hard drive and start Time Machine all over again? If the latter, how do I do that?

iMac 24″, macOS 14.4

Posted on Apr 4, 2024 09:58 AM


Apr 4, 2024 10:15 AM in response to svyosh

There are no viruses that affect macOS. None.


Uninstall whatever worthless "anti-virus" junk you had been using. The fact it identified something as a "trojan virus" is an illustration of its worthlessness. Altering a Time Machine backup will absolutely, positively corrupt it, making it worthless as well.


What a mess.


Not knowing what the "anti-virus" product is or what it did, reformatting the Time Machine backup disk is justified. To learn how to do that please read Erase and reformat a storage device in Disk Utility on Mac - Apple Support. Then start a new set of backups according to Use Time Machine to back up - Apple Support.


Rule 1 of Macs is don't install junk.

Apr 4, 2024 10:15 AM in response to svyosh

If you deleted the email, that is all that needs to be done. There is no chance that a virus is going to spread from an email in a Time Machine backup to any of your System Files. This sounds more like a case of an AntiVirus software trying to prove its relevance by reporting about a problem that is not an issue. This is how they try to make you think that the service they provide is working, so that you will continue to use it. This scare tactic works for many people.

Apr 4, 2024 03:18 PM in response to svyosh

Do not open or click on any links in an email when you don't know the sender. For those questionable emails you can use this AppleScript by VikingOSX to check to see if the sender is legit:


-- return-path.applescript
-- Select a given message item in Apple Mail, and then run this script. It will produce a dialog
-- showing the sender's From and Return-Path addresses. Copy the entire Return-Path
-- string into the right-window of an Apple Mail rule.
-- This script *does not* alter, or remove individual email messages.
-- VikingOSX, 2019-10-23, Apple Support Communities, No warranties of any kind

use framework "Foundation"
use AppleScript version "2.4" -- Yosemite or later
use scripting additions

property NSString : a reference to current application's NSString
property NSRegularExpression : a reference to current application's NSRegularExpression
property NSRegularExpressionCaseInsensitive : a reference to current application's NSRegularExpressionCaseInsensitive

tell application "Mail"
	if not it is running then activate
	
	if not (get selection) is {} then
		set theMsg to item 1 of (get selection)
	else
		return
	end if
	
	tell theMsg
		set theSender to its sender
		set theHDR to its all headers
	end tell
end tell
set rtnpath to my return_address(theHDR) as text
set fmsg to "Sender Address:" & return & theSender & return & return & ¬
	"Return-Path:" & return & rtnpath

display dialog fmsg with title "Current Mail Item Addresses"
return

on return_address(atxt)
	set hstr to NSString's alloc()'s initWithString:atxt
	set pattern to "(?<=Return-Path:|Return-path:)\\s+<(.*?)>.*"
	set regex to NSRegularExpression's regularExpressionWithPattern:pattern options:NSRegularExpressionCaseInsensitive |error|:0
	set hrange to current application's NSMakeRange(0, hstr's |length|())
	set matches to (regex's firstMatchInString:hstr options:0 range:hrange)
	
	-- firstMatchInString returns missing value (nil) when the header has no Return-Path
	if matches is missing value then return "Not Found"
	
	set matchrange to matches's rangeAtIndex:1
	return (hstr's substringWithRange:matchrange) as text
end return_address

Save it as an app and you can put it in the Dock or Script folder to show in the Menu bar:


I use it on questionable emails and get this on good emails:


showing that the sender and from (return-path) are the same. Just select an email and launch the app.


And get rid of Bitdefender. You don't need any "cleaning", "optimizing", "speed-up", anti-virus or VPN apps on your Mac.
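
The same From versus Return-Path comparison, run over raw message source instead of a selected Mail item. This is an added example, not part of the original post and not VikingOSX's code; the sample messages, verdict names and the check_sender helper are constructed for illustration.

```python
"""Compare the From address with the Return-Path in raw message headers."""
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not real mail); names and domains are placeholders.
SAMPLES = {
    "same": "Return-path: <alice@example.org>\nFrom: Alice <Alice@Example.org>\n\nhi\n",
    "bulk": "Return-Path: <b-77@bounces.shop.example>\nFrom: Shop <news@shop.example>\n\nhi\n",
    "other": "Return-Path: <x9@mailer.example.net>\nFrom: Your Bank <help@bank.example>\n\nhi\n",
    "bounce": "Return-Path: <>\nFrom: Mail Delivery <mailer-daemon@example.org>\n\nhi\n",
    "none": "From: bob@example.com\nSubject: no return path\n\nhi\n",
}


def domain(addr):
    """Lower-cased domain part of an address, or '' when there is no '@'."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def check_sender(raw):
    """Return (verdict, from_address, return_path) for raw RFC 5322 text."""
    msg = message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    rp_header = msg.get("Return-Path")  # header lookup ignores case
    if rp_header is None:
        return ("no-return-path", from_addr, None)
    rp_addr = parseaddr(rp_header)[1].lower()
    if not rp_addr:  # "<>" is the null path used by bounce notices
        return ("empty-return-path", from_addr, rp_addr)
    if rp_addr == from_addr:
        return ("match", from_addr, rp_addr)
    fd, rd = domain(from_addr), domain(rp_addr)
    if fd and fd == rd:
        return ("same-domain", from_addr, rp_addr)
    # Naive suffix test, not a public-suffix-aware organisational-domain check.
    if fd and rd and (fd.endswith("." + rd) or rd.endswith("." + fd)):
        return ("related-domain", from_addr, rp_addr)
    return ("domain-mismatch", from_addr, rp_addr)


if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, check_sender(raw))
```

Mail sent through a mailing service often carries a Return-Path on the service's own bounce domain, so a "domain-mismatch" or "related-domain" verdict is a reason to look more closely at the message rather than proof of forgery.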


Apr 4, 2024 10:40 AM in response to svyosh

There's no such thing as a Trojan virus. It's one or the other. They are completely different types of malware with entirely different methods of intrusion. Not to mention there are - literally - no viruses that can affect macOS.


If you did happen to get a malware attachment from someone in your emails, ignore it. Nothing can happen unless you choose to do something with it. And the chances it's Mac malware rather than Windows is very, very low.

Apr 4, 2024 10:45 AM in response to svyosh

You have Bitdefender installed, which is considered malware by most experienced users on these forums. Mac OS is catlike in that it cleans itself. Mac OS does not benefit from, nor does it require, any of the following types of apps:


· Antivirus Apps
· Cleaning Apps
· Security Apps
· VPN Apps
· Maintenance Apps


What these types of apps do is the exact opposite of what users want. They make Mac OS slow, appear buggy, can damage Mac OS and sometimes create unwanted behaviors. In short, they are really bad news!


So the first order of business for your computer is that you need to locate the developer's uninstall instructions for Bitdefender and please uninstall Bitdefender. Because Bitdefender is pretty nasty stuff it tends to leave parts behind after being uninstalled, a testimony to how poorly written the app is! To fully ensure you have uninstalled it please download the free version of FindAnyFile directly from the developer. Then have it search your system for the following:


· Bitdefender


Have it Trash any files with those names in them and then ensure the Trash is empty. 
