Ransomware and Acronis True Image

@sgrundleger – Thanks for taking the time to write a detailed topic and outline the things that you are encountering.

If you consider the things that Local does, it does have the potential to do some pretty powerful things, which, if done without your knowledge, would be “really bad.”

However, since Local is trying to do some advanced system configuration to get a development environment up and running, it does need to adjust some things. Off the top of my head, the usual actions that Local does that could be viewed as problematic:

  • Start processes you typically only see on a server (nginx/apache, PHP, MySQL)
  • Edit the Hosts file so that the domain is resolved to the site Local is managing.
  • Local’s router is set up to listen on port 80. The router is responsible for directing requests to the actual WordPress site. Because port 80 is the default for HTTP requests, I could see how malware would want to occupy that port, and by extension, why antivirus would be monitoring that sort of activity.

This is interesting – do you have a list of those files that were quarantined?

What makes you say that restoring didn’t work – for example, did you see a specific error, or is it just that Local isn’t working after restoring?

To your specific question:

Do you have a screenshot or recording of what you saw in Acronis? I’ve never seen the flow that happens with that piece of software, so I’m curious what it’s doing to lock Local down.

Since you’re on a Mac, you should be able to uninstall Local by:

  1. Deleting the application in the /Applications folder (or wherever you installed it)
  2. Deleting (or temporarily moving) Local’s configuration and settings. This is located at ~/Library/Application Support/Local

NOTE
Deleting the ~/Library/Application Support/Local folder will mean deleting the raw db files for the sites, which means the potential for serious data loss. Instead of deleting the folder, temporarily moving it might be a good idea. The specific place where the site db files are located is within the run folder.

Lastly, can you please provide your Local Log? See this Community Forum post for instructions on how to do so: