Lots of "Cleanup Failed" for Time Machine files - just delete those backups?

Yes, you can delete the backups.  Or exclude the Time Machine from any regular scan you run and clear the items detected from the quarantine list and hence ignore what's in there in future - this speeds up the scan too.  

If the files are in the backup then they can't hurt the running system.  You'd have to restore them from the back up and even then the on-access scanner would kick in and block access.  Chances are they are Windows-only threats and so can't hurt your Mac.

Perfect, that's what I wanted to hear!  Thank you!

Hi newbie here. I've been going crazy with trying to find and delete malware zip files in my TM backcups. Sophos picks them up but for the life of me I cannot find them in the backups. They're email attachmetns and I thought I set my system to not hide the library folder etc. I've searched by general or exact file titles. I've gone to those specific dates, etc. Nothing. I've had Quarentine Manager open the files in Finder and - viola! - there they are. Of course I can't delete them as teir in TM. But again, I can't actually find them.

I take it from your response that I have nothing to worry about and can simply clear my Quarentine Manager and not worry about it anymore?

Just in case I've uploaded some files showing a bit of what I'm talking about.

Best,

Joel

If they are in a Time Machine backup then you don't have to worry about them.  As space for newer backups is required the older backups will be deleted.

You can exclude the Time Machine volume from being scanned in future scans.  Right-click the white area of the scan you're running and select scan settings, then on the 'Excluded Items' tab add the Time Machine volume.  Example of screen you need to be on:

Also see the scanning your mac video on our YouTube channel:

If you really want to dig into the backup and locate/delete the items (not recommended as it's unncessary) then you will probably have to enable hidden files in Finder (before entering Time Machine).  From Terminal run:

defaults write com.apple.finder AppleShowAllFiles -boolean true
killall Finder

 Then entered Time Machine as locate the items.  Watch/listen to the video below...

After exiting Time Machine you can hide the normally hidden files with the command:

defaults delete com.apple.finder AppleShowAllFiles
killall Finder

Hope that helps.

Thank you, this is great! I will not worry as I suppose these files are not really active. If I were ever to need to restore from an infected backup my guess is Sophos would delete the now "active" files from my current system. 

Best,

Joel

tried to follow your instructions to have the scan avoid the time machine - but when i right click on the white screen, choose scan settings, then excluded items - there is nothing to choose from and it won't let me click the plus to add time machine. Any other suggestions?  I am on Mac 10.7.5

---

buffalo234 wrote:

there is nothing to choose from and it won't let me click the plus to add time machine

---

As per the video you should be able to exclude any attached drive/folder from the 'Scan This Mac' scan, or a custom scan.  Can you post what you're seeing?