I do not know if updox was the source. I thought so when I made the first post, but the more I think about it, the more doubtful I am. Frankly, I have no idea. Maybe it was my server that somehow uploaded the file to updox... Well, I hope making other ac / updox users aware will help them avoid the anxiety and grief I just went through.
Backups were disconnected from network and encrypted.
I have been using malwarebytes free for years. I do not recall ever reading that it was not to be used for business. You pay for real time protection, I think. Never saw the need for real-time protection... until now...
David says it would almost certainly have caught it had it been active real-time.
I do not know much about ramsonware. I am getting educated fast. Agree with getting rid of local admin rights. David says he will be making a lot of changes in the near future, but for now my server is back and running. Monday we will have to educate staff and reconstruct the half day of work. Thankfully, no notes were made in AC. Two new patient charts were created which I already recreated. Missing some imported stuff and paperwork. Only lost 1/2 day, maybe only 2 hours of work. Busy clinic tomorrow morning.
