I'm posting my recent experiences with a trojan which I eventually magaged to remove (at least, that's my hope).

I am using McAfee Internet Security 11.6. A few days ago I mindless ran a suspicious program downloaded from the Internet which contained a trojan.

When I ran the program McAfee reported it as infected but evidently did NOT prevent the  trojan to run and install itself (disappointing).

Since then the McAfee firewall started turning itself off every 10 minutes or so. I performed a full system scan with McAfee but the system was found clean.

Even when explicitly scanning (right-click on the file name, Scan) the original infected executable McAfee said it was clean.

I uploaded the executable to www.virustotal.com and here are the results:

AntiVir                              BDS/ZAccess.yrh.1

Avast                              Win32:ZAccess-JH

BitDefender                    Trojan.Agent.AWXR

Comodo                              TrojWare.Win32.Trojan.Agent.Gen

DrWeb                              Trojan.DownLoader6.62544

ESET-NOD32                    Win32/Sirefef.EV

F-Secure                    Trojan.Agent.AWXR

Fortinet                    W32/ZAccess.YRH!tr.bdr

GData                              Trojan.Agent.AWXR

K7AntiVirus                    Backdoor

Kaspersky                    Backdoor.Win32.ZAccess.yrh

Kingsoft                    Win32.Troj.Agent.cg.(kcloud)

McAfee                              ZeroAccess.hg

Microsoft                    Trojan:Win32/Sirefef.P

Norman                              W32/ZAccess.PDF

nProtect                    Trojan.Agent.AWXR

Panda                              Trj/CI.A

Sophos                              Mal/EncPk-ACO

Symantec                    WS.Reputation.1

VIPRE                              Trojan.Win32.Generic!BT

ViRobot                              Backdoor.Win32.A.ZAccess.165888.X

I then downloaded and scanned my system (all files for each scan, it's taken ages!) with these programs (the latest versions available):

McAfee RootKit remover

McAfee Stinger

Sophos Virus Removal Tool

Kasperky TDSSKiller

SpyBot search and destroy

SpyHunter

Malwarebytes Anti-Malware

NONE of these programs found any infected file on my system, so this sucker of a trojan was hiding very well indeed!

I also tried scanning after rebooting windows in Safe mode (with or without network) but nothing changed.

As a last resort I  physically took out the hard disk from my laptop and then used an external USB hard disk bay to access it from another computer and then scanned it using F-Prot security. This scan too didn't find anything; however I realised that several directories (including the directory where the original infected executable was) were not accessible from Explorer due to Window's privacy controls, so this scan probably doesn't really count.

Eventually I found threads on the McAfee forums reporting similar problems; in one of the messages there is a link to this guide http://malwaretips.com/Thread-How-to-completely-remove-ZeroAccess-Sirefef-rootkit-Removal-Guide "How to completely remove ZeroAccess/Sirefef rootkit". I followed the instruction to the letter and (I think!) I managed to get rid of the flipping trojan.

Essentially I downloaded and executed EZ_SireFix.exe, ServicesRepair.exe and ComboFix.exe (following the instructions) and having done that the problem with the McAfee firewall turning off stopped.

I downloaded and ran HitmanPro, and ESET online scanner and neither of them found any problem on my system (for what it's worth).

Over the following week I didn't notice any suspicious behaviours in my computer so I assume it is clean.