Yeah, I work for a major university and we've had major problems with this since January of this year.
It's suspected that it's coming in through outdated JAVA. Go to control panel (under and admin account), go to JAVA, and update from there.
Here's how we get rid of it since SEPS doesn't catch it automatically.
1) Try to launch taskmgr. If you can't (sometimes av.exe or ave.exe will block it from starting), restart the computer. AS SOON as it logs in, press ctrl-alt-del and launch task manager. You can get to task manager if you start it up BEFORE the virus is loaded into the processes. Be vigilant, you just have to be quick.
2) Kill the process av.exe or ave.exe or whatever name it's calling itself in your special iteration.
3) open regedit and do a search for the process you just killed. Delete any instance of it. It will be in several locations.
4) while you're looking through the registry, see where it's storing the file av.exe (usually in the hidden application data folder under the user's profile). Hard delete the file (hold shift while you delete).
5) After you delete all those keys that include av.exe (or your iteration), it will very likely block your access to opening .exe files. You'll need to rebuild this association (this is due to your wreckless deletion of registry keys in step 3. You're so irresponsible!). to rebuild the association, go to control panel -> folder options -> file types -> New Association. In the box, type exe, and then click advanced. From the drop down menu choose Application. Your associations are back and you can run exes again.
6) By this point you have manually removed the virus's ability to function. For all intents and purposes it's clean. BUT there are still traces lingering throughout the system.
7) At this stage, download the program malwarebytes, install, update, and run it. Start a Full scan with it. It will find a few leftover files and registry entries (nothing big) and then it is completely removed.
Hope this helps! It works like a charm for us.