We have 75+ PC's running Eset Endpoint, administrated through ERA server. All clients are up to date on definitions.
In the past few days, one of our staff downloaded *something* and infected their computer with Battdil.J. Eset did not pick up the virus when it was downloaded, or executed. It simply started to appear in the threat log in Operating Memory >> svchost.exe. Eset also failed to stop any of the several hundred emails sent from that staff member to our entire organisation shortly afterwards. The emails had the subject line "Invoice - xxxx", and a .zip attachement co