I recently noticed the following event log message on our Exchange 2003 SP2 server: According to MS KB 843545 the problem may occur under the following conditions: You run an antivirus program on the Exchange computer that uses the Antivirus API (AVAPI), such as McAfee GroupShield 6.0 for Microsoft Exchange. The AVAPI-based antivirus program is configured to use transport scanning. You send a digitally signed message as a user who is hosted on the Exchange computer that is running the antivirus program. The first two conditions apply and the event is probably triggered by the third condition, when someone tries to send a digitally signed message. Resolution: Install hotfix. We're using Exchange 2003 SP2 and I'm trying to avoid installing hotfixes that apply to Exchange 2003 SP1. Workaround: To work around this problem, turn off AVAPI transport scanning on the Exchange computer. We're using a gateway between our Exchange and Novell GroupWise server. This why I've enabled transport scanning in NOD32. I suppose I can safely disable transport scanning in NOD32, because I've also enabled virus scanning on the gateway. My question is about the following advice in the KB article: If you turn off transport antivirus scanning, we recommend that you turn on information store-level antivirus scanning on your Exchange computer. Forgive my ignorance, but when I have all the XMON scanner options enabled (background, proactive, plain text, rtf) is this the same as turning on information store-level antivirus scanning?