Contonso
12 years agoLevel 4
Question about attachments
Hi there,
our virus scanner detected an infected file in one of the EV_CVT_Temp_ folders. This file was moved immidiately to the quarantine by the scanner software. If I am correct these CVT_Temp folders are used for archiving as well for manual archiving.
My question is if I have any chance to find out who of our users has archived this infected file? I checked all available EV logs but could not find any username or file.
Is there propably a chance to find out something in the EV DBs? Unfortunately we are not using Journaling.
EV version is 10.01 and we are running Exchange 2010.
Regards
Okay that's a super-generic detection, as I said, it's not a virus. I'd bet good money on it.
Where is that folder located? The full path I mean.