[JS/Spigot.B]

Thank you, Marcos.  I did a bit of checking and found that indeed, JS/Spigot.B is being deleted as soon as it comes.  The only odd thing is, the ESET console does not report any action taken, even though action was clearly taken, it just reports that the threats exist, I have to manually tell it that resolution has occurred.  Is there a setting of some sort I am missing?

[JS/Spigot.B]

Our ESET management center is reporting many machines at several sites with JS/Spigot.B.  How can we best use ESET Endpoint 7.0 or 7.1 to delete these extensions and also block them from ever being installed?

[CVE-2017-5638.Struts2 being reported on server without Apache2 or Java]

OK.  I will be using OneDrive.  Can you send your email addresses to ... ?

[CVE-2017-5638.Struts2 being reported on server without Apache2 or Java]

OK.  What is the recommended method of sending a 928 megabyte file?  I cannot attach it to this reply, the max is 100M.

[CVE-2017-5638.Struts2 being reported on server without Apache2 or Java]

The resultant efsw_logs.zip file, is 928 megabytes in size.  Do you really want that whole file? 

[CVE-2017-5638.Struts2 being reported on server without Apache2 or Java]

A new Windows cloud-hosted server instance, with ESET File Security 7.0.12018.0 installed and updated, is being reported by ESET as having CVE-2017-5638.Struts2 "Detected".  The server has neither Java nor Apache software of any sort, it runs IIS as a web server with PHP Manager for IIS and Microsoft Windows Cache Extension for PHP, MySQL 5.7 as database.

This looks a whole lot like the following archived thread:

https://forum.eset.com/topic/18343-threat-log-question/