Malware authors often create new variants of older malware to save them the effort of creating something completely new. If you are still having issues with a newer variant of this please can you give further details, and submit samples of files which are not being detected or are seeing clean failures. If your business is impacted at all by this threat I would strongly recommend contact technical support and logging a service request too.
Hope this helps,
the coreflood!mem on explorer.exe seems to be happening because of DLL or DAT files that are hooked to explorer.exe on boot up and is causing detections.
I suggest getting with support to validate the root files causing the detections.
I've seen .dat files in system32 with current modified dates that are very suspicious and is in the process of working with mcafee labs in getting new definitions created.
These files is seen to hook into explorer.exe, and once mcafee detects as coreflood!mem, those files are then seen unhooked, until a reboot.
Remove Coreflood using the perl script found here: http://www.secureworks.com/research/threats/coreflood-removal/?threat=coreflood-removal
The instructions work well, and while the script is a bit old, the only thing that needs to be modified for it to work against recent variants is the POST path (last time I checked, /c/a should be changed to something like index.php.
Once that's up and running, point DNS for the current C2 domain to the server running the perl script and all infected clients should remove the infection upon check-in.
Although I've seen this used successfully, I strongly recommend testing in a lab before using in production.
Hope that helps,