After dealing with the vagaries of McAfee's Managed Virus Scan product for far too long, I finally fired it from a network today. Besides causing seemingly random havoc on a few servers, continuing unresolved problems with automated updates on domain controllers was the last straw. Unfortunately, McAfee's support site doesn't supply direct links to knowledge base articles, but if you head to McAfee's KB search and enter "mcafeemvsuser" in the search field, you'll find an article describing how the client tries to create a local user on a DC, which isn't possible, and DAT file updates subsequently fail. This renders the automated updates inactive, and the event log fills up with errors pertaining to invalid permissions on the DCOM object for the scanner.
Their solution? Well, there isn't one.
I spent some time working with Component Services to try to use a domain user with restricted perms for this service, but anything short of a Domain Admin would fail, even if the DC security policy explicitly granted access to that user for that logon type, and I'm not a fan of granting that permission to any account that doesn't really need it. Finally, I gave up on McAfee Managed Virus Scan.
My solution? ClamWin. Problem solved.