Question about attachments
our virus scanner detected an infected file in one of the EV_CVT_Temp_ folders. This file was moved immidiately to the quarantine by the scanner software. If I am correct these CVT_Temp folders are used for archiving as well for manual archiving.
My question is if I have any chance to find out who of our users has archived this infected file? I checked all available EV logs but could not find any username or file.
Is there propably a chance to find out something in the EV DBs? Unfortunately we are not using Journaling.
EV version is 10.01 and we are running Exchange 2010.