You have to hope your A/V (whoever it is) catches it before it gets into the system, otherwise, yes it is very difficult to remove. If you have a good imaging and deployment strategy, that probably is faster then trying to clean it up. Eventually the code to clean-up each varient gets added, but there are so many variants of this malware, that can be difficult and in many cases you're not in a position to wait for the cleanup code to get added.
A few things you can do to reduce malware in general:
While some variants of Antivirus 2009, etc. will install as a limited user to the user's profile, they can't prevent themselves from being easily deleted when they fail to get admin rights. If possible, limit admin rights as much as possible.
If you have "trouble" users who repeatadly get infected, try installing a toolbar to warn them when they enter a dangrous site,
WOT comes to mind.
If your users should only be running software from paticular locations and not installing it themselves, then group policies or SEP application and device control rules can easily keep your computer from becomming infected by only allowing programs to run that are in Windows and Program Files (and any other directories you need). This works esspecially well if your users do not have rights to those directories.