A cursory glance (right click on the Shield in the system tools) shows that VirusScan Enterprise was alive and well on his machine, and the consol showed that the last auto-update was successful. Initial attempts to uninstall the unwanted program using Control Panel, Add or Remove Programs were unsuccessful. Googling the phrase How do I get rid of McAfee Security Scan turned up several suggestions involving booting into Safe Mode or installing anti-malware programs. There were also several suggestions that McAfee Security Scan is downloaded with an update to Adobe Reader, which our user had recently installed.

This is the removal method which worked for us:

• Run msconfig using the Start, Run dialoge
• When msconfig has loaded, click on the Startup tab
• Find the entry for McAfee Security Scan, and uncheck the box
• Then click on Apply

This will prevent the application from reloading next time you start up. Next you need to uninstall the application:

• Call up Windows Task Manager
• Click on the Applications tab
• Click on McAfee Security Scan then click the End Task button
• Fire up Control Panel then double click Add or Remove Programs
• Wait a minute and McAfee Security Scan will relaunch and appear again in Task Manager, just like malware!
• In Task Manager, click McAfee Security Scan, then End Task again
• In Control Panel, immediately click Change for McAfee Security Scan, then Remove

If you have found this program installing itself without your conscious intent or consent we suggest that you voice your disapproval to Adobe. If enough people post their disapproval of this forced installation of annoying software to Adobe, they might just change their policy.

To any Adobe directors reading this, let me be the first to admit that you market some brilliant software, which is a credit to your company. Why risk your excellent corporate image with this offensive and shoddy software installation tactic?

For anyone else who is installing or upgrading Adobe Flash or Reader, take special note that there is an optional McAfee Scan listed in the installation that must be unchecked if you do not want to install McAfee Security Scan.

If your computer is infected with this worm, you may not experience any symptoms, or you may experience any of the following symptoms:

• Account lockout policies are being tripped.
• Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender, and Error Reporting Services are disabled.
• Domain controllers respond slowly to client requests.
• The network is congested.
• Various security-related Web sites cannot be accessed.

For more information about Win32/Conficker.b, visit the following Microsoft Malware Protection Center Web page http://www.microsoft.com/security/portal/Entry.aspx?Name=Win32/Conficker

Network managers can also stop Conficker from spreading by using Group Policy, and creating a policy that applies to all computers in a specific organizational unit (OU), site, or domain in your environment. For more details on this process see Microsoft Help and Support Article ID 962007