How to remove a malware from the time machine backup?
A malware file has been found on my Mac. I can delete it but it remains in my Time Machine backup. How do I remove it and all backup copies from the Time Machine backup?
[Re-Titled by Moderator]
I'm not on my Big Sur machine right now to verify, but not too long ago I did verify that you could Control (right) - click on an item in Time Machine and select the option to delete all copies of it.
The caveat to this is that you have to go to yesterday or before in order for that option to be available.
The router is new and the archive is not. The malware file was detected on both the Mac HD and the TM archive. So it did do the job of finding it in a place where it could potentially cause harm.
As I cannot remove the file from the archive, which I think is crazy, I have deleted the archive altogether and created a new one based on the content of my Mac at the present time.
Unfortunately that feature has been removed in Big Sur. It seems the only way to delete a file from a Big Sur Time Machine backup is to delete the entire backup set.
That's it for me on this topic. I just have one comment to people. Don’t be so aggressive. I asked an innocent and legitimate question about the functionality of a piece of Apple software just to be met with a tirade on the pros and cons (none it seems) of malware detection software - completely irrelevant to my question and not any opinion I sought.
The point is nothing to do with the fact that the file was flagged as malware. It is the point that files which have been backed up to time machine cannot be removed from that backup.
It is that simple. Talking about Apple’s security and resilience to malware or viruses is irrelevant to my initial question.
I deleted my time machine backup and created a new one today. Drastic measures to delete ONE file.
But it does mean time machine cannot be used in Europe to back up files containing personal data. It is a requirement by law that such files are removed from ALL systems once they are no longer legitimately required by the business.
GDPR doesn’t protect purported or actual malware.
Anti-malware detection tools routinely encounter false positives. Routinely.
Time Machine can delete specific files from existing backups.
Time Machine can be configured to not back up certain files, or to not back up certain devices.
Run the suspect file through VirusTotal, and see if any other tools flag the file, and whether the other reports (if any) are sensible and consistent, or—and as routinely happens—bogus, such as some ancient Windows malware mis-detection within a macOS app file or macOS document.
As for what I’m reading in this thread, you will also definitely want to discuss this whole matter and data retention in general with legal counsel, as some of what I’m reading in this thread seemingly conflicts with my understanding of GDPR requirements.
Send your Time Machine feedback to Apple > Product Feedback - Apple
It won’t do any damage in your backup. Once you make another backup, then you won’t ever restore it either. Eventually, it will age out of Time Machine.
Hi there!
I would, personally uninstall this Netgear antivirus completely, and just install and run this:
https://www.malwarebytes.com/mac
(There is a temporary free version you can run as well).
Otherwise, if you are careful online, keep your Mac updated, as they come, and restart your Mac every now and then, it should be just fine. And chances are, after uninstalling your antivirus, the unnecessary pop-ups will stop.
electrician1982 wrote:
Isn’t it strange that a request to deal with a misgiving in the Apple Time Machine backup software has. There could be many legitimate reasons to do so, including compliance with European GDPR rules which govern how long personal data can be kept.
All of which is completely irrelevant because there is nothing you can do about it. If it is a problem, use another backup solution.
electrician1982 wrote:
It is being reported as malware every few hours by NETGEAR Armor security. Even if it can’t do any harm in Time Machine, it is annoying to get the threat notifications constantly.
That's also part of your problem. First, there is no reason to ever install or run any 3rd party "cleaning", "optimizing", "speed-up", anti-virus, VPN or security apps on your Mac. This user tip describes what you need to know and do in order to protect your Mac: Effective defenses against malware and other threats - Apple Community.
There are no known viruses, i.e. self propagating, for Macs. There are, however, adware and malware which require the user to install although unwittingly most of the time thru sneaky links, etc.
Anti Virus developers try to group all types as viruses into their ad campaigns of fear. They do a poor job of the detecting and isolating the adware and malware. Since there are no viruses these apps use up a lot of system resources searching for what is non-existent and adversely affect system and app performance.
There is one app, Malwarebytes, which was developed by a long time contributor to these forums and a highly respected member of the computer security community, that is designed solely to seek out adware and known malware and remove it. The free version is more than adequate for most users.
Also, unless you're using a true VPN tunnel, such as between you and your employer's or bank's servers, they are useless from a privacy standpoint: Public VPN's are anything but private.
I did choose to delete the entire backup set today but not because I wanted to. Of course I could have lived with the single suspect file being in that backup.
Seriously, Apple have made a big mistake here. Organisations will not be able to use time machine backups in Europe if they handle personal data. A simple mailing list must be deleted once it has been used. So, if I’m running a direct marketing campaign that will span some weeks, I cannot back my files up using Time Machine as I would fall foul of the law when I couldn’t delete those files on completion of the campaign. My only option would be to delete a complete backup set and start a new one. That sounds like a flaw in the backup solution to me.
[Edited by Moderator]
Why do you consider it as 'garbage'? Based on what evidence?
I would actually think the inability to delete files from Time Machine backups is the issue here, not the merits or otherwise of the scanning utility I am using.
All AV garbage is garbage. It’s really not arguable. It does absolutely nothing useful, but causes more harm than any malware.
I need to upgrade my router, and if there is no way to disable that garbage, I can leave Netgear products out of the search.
I would actually think the inability to delete files from TimeMachine backups is the issue here
That ship has sailed. There is no way to do that, likely due to using snapshots for the backup.
electrician1982 wrote:
A malware file has been found on my Mac. I can delete it but it remains in my Time Machine backup. How do I remove it and all backup copies from the Time Machine backup?
Third party AV is not recommended. It typically does nothing but add issues, false positives, etc. to macOS and competes directly with Apple's own built-in security.
Apple uses its Software Update service (which also drives system software updates that show in the App Store or via the softwareupdate command-line tool) as a mechanism for installing “background and critical” updates that are installed silently in the background with no notifications to the user.
Gatekeeper mechanism, central to security services, which tries to ensure that any code loaded is ‘safe’. Code signatures are only part of this.
XProtect checks the security and integrity of files, including in broader ways too, vulnerable document types, such as JPEG images, are also screened to ensure that they’re not malicious.
Apple’s Malware Removal Tool (MRT) an app which often complements XProtect’s signature-based screening, and can automatically remove all traces of many different species of malware.
System Integrity Protection (SIP) which ensures that nothing can tamper with key system files, or even Apple’s bundled apps.
macOS - Security - Apple https://www.apple.com/macos/security/
Apple Platform Security - Apple https://support.apple.com/guide/security/welcome/web
Barney-15E wrote:
I need to upgrade my router, and if there is no way to disable that garbage, I can leave Netgear products out of the search.
Not only can you turn it off, but apparently people using it have to PAY to use it!
Isn’t it strange that a request to deal with a misgiving in the Apple Time Machine backup software has turned into a slagging match of NETGEAR!
The fact is, not being able to delete a file from an archive is nonsense. There could be many legitimate reasons to do so, including compliance with European GDPR rules which govern how long personal data can be kept.