@Mark:
I called in a case, and submitted 6 false positives and was told no one else has called about it.. (yet?) I suggest opening a case. They are quick to respond. (Kudo's SAV!)
In the meantime, they sent some directions on how to remove the W32.Changeup (Similar) and started following the directions. The directions pointed out closing ports on our network but those were closed ions ago,as well as Microsoft updates being done (KB967715, of which I had no record of install, but no updates were available?) then I ran the "Rapid Response Definitions", and got error messages stating it wasnt successful. Attempted to follow the next two deployment methods via TECH 104979 and TECH102607 articles, and results were the same.
It was at this point that I felt re-imaging this freshly built machine was easier to do. Hopefully no residual affcects follow.... (I am aware how this might be fruitless, but worth the efforts).
I was nervous earlier about our company-wide virus scan kicking off at 12:30 EST but it's 12:50 and I haven't gotten a call yet.... so maybe it was infected contrary to my comments above????
(PC never saw internet outside of Office 2013 updates, and SAV updates only, [no other apps exist outside of default Win stuff] including NEVER launching I/E on the machine.