Originally Posted By: kevs
Thanks Joe, when my ISP says: Our systems have alerted us that on 12/25/2013 malicious IP addresses in Russia & - an IP address in Belarus) logged into the FTP account and uploaded malicious files. We've removed the files from the account. The FTP password for the account has been changed to"

They are talking about my computer account right? Not some server I have nothing to do with.

You are misconstruing the message from your ISP. They are talking about logging onto your account ON THEIR SERVER not your user account on your Mac.
Originally Posted By: keys
They are placing the blame on my shoulders…

They are not placing blame on your shoulders. They are placing blame on the owners of the computers in Belarus.
Originally Posted By: keys
But… you are saying they don't know what they are talking about? (and while they are smart, maybe you are smarter..).

They definitely blamed this on me, my weak password or what not, and demanded I got Sophos so as they don't have to save my ass in the future.

Their analysis was wrong? It's hard to get my head around it.

This thread has gotten tangled and there have been misinterpretations and misunderstandings. In the first place, assigning blame is a pointless exercise that accomplishes nothing. Are your ISP (Internet Service Provider) and web site host one and the same or separate entities? From your comments I find it has been difficult to keep straight what is coming from your ISP, your web host, and Shirtpocket software (the vendor of Super Duper.) This post has been helpful in sorting all that out.

What I am sure of is whoever is demanding you get Sophos does not have a full grasp or understanding of the current state of the Macintosh vis-a-vis security and viruses.
Originally Posted By: keys
Ironically Sophos was driving me crazy for a year, asking every day or so if I wanted to clean up a threat (always a trojan attachment coming in from spam) I would go to Quarantine manager and clean up the threat). And enormous amounts of work and help from one of their top techs. I was able to have them clean up these threats without bothering me or me going to Quarantine manager.

Did you ever sort out what kinds of malware were showing up in Quarantine manager? I.e., were they Windows viruses or some other kind of virus? If they are Windows viruses and you are not posting the files on your blog or otherwise risking infecting Windows computers then why do you care about them? Windows viruses cannot infect your Mac.
Originally Posted By: keys
Then this stuff started happening with the conflict with Super Duper. So maybe that's related?

I started with Carbon Copy Cloner but switched to Super Duper when it came out. I forget whether it was Yosemite or El Capitan that I had problems with SD and switched back to CCC. All I can say is CCC is working perfectly for me now.
Originally Posted By: keys
Someone suggested elsewhere I try Avast or one other AV to see if it does not conflict with SD. But your advice would probably be to go barefoot, which is what I had been doing for 10 years until I got that email from the ISP, after I could not get into my blog.

IMHO as far as AV software goes it is pretty much six of one and half a dozen of the other. But that is just my opinion.
Originally Posted By: keys
I'm open to bailing totally, but I probably would not tell the ISP for a while.

Again IMHO the software you run on your computer is none of your ISP's business.

I suspect that at least in part, the ISP's demand is a result of a misunderstanding of the original message to mean your personal computer had been hacked or infected, and subsequent miscommunication between yourself and the ISP's tech support coupled with a Windows-centric viewpoint on their end.

Rather than assuming you are being blamed as the malefactor in this scenario, there are questions you need to ask yourself: why are you receiving so much virus-infected traffic? Maybe you need to take another look at where you go on the internet with a more cautious/skeptical viewpoint? Maybe you need to unsubscribe from sources that consistently turn up with infected files? Perhaps rather than going to the hassle of disinfecting infected files in the quarantine folder all you need to do is delete them?


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein