I need some more information. Was it Updox itself, or just the fact that Updox was the point of entry for the pdfs. Generally, the only way to get malware via a pdf is from an embedded Word document where the user would have to enable editing.
As far as Malwarebytes free, not sure if it is supposed to be run commercially. You can use it at a 3rd party. Malwarebytes Endpoint Protection is excellent. These days, it is crucial to run some type of malware prevention that protects against zero-day exploits such as ransomware. May have blocked the one that came in. Good job on the backups. Were they disconnected from the network.
That is also bizarre that the staff turned off the program. I don't think we would have one employee who would figure that out, unless it was just ridiculously slow. I doubt I would have. Time to get rid of local admin rights. And, take the icon off the system tray and keep them from finding it. Plenty of 3rd party apps which will block tampering with an app. Yeah, but going to a corporate edition of something is crucial. You definitely get what you pay for. And, most malware companies are getting away from DNA definitions and going with behavior-oriented.
