Win32:Karagany-M [Trj] - help

I performed an AV scan after updating AV definitions:

Virus Found:
File Name:
C:\Users\Silver\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\4d610a4d-18f39461

Severity High

Status Threat: Win32:Karagany-M [Trj]

Action Move to Chest (successful)

Next, a boot-time scan detected 5 more files:
fire.class, poison.class, bilbo.class, frodo.class, saruman.class
Threat: Java:Agent-DT [Expl]
Threat: Java:Agent-DU [Expl]
Threat: Java:Agent-GJ [Expl]
Threat: Java:Agent-EG [Expl]
Threat: Java:Agent-DV [Expl]

Action Move to Chest (successful)

Repeat scans do not detect virus. Virus continues with persistent popups. How to proceed? ???

try this, remove java with JavaRa and reboot, then install new java version

http://www.softpedia.com/get/System/System-Miscellaneous/JavaRa.shtml

report back

Downloaded JavaRa install file (avg_isct_stb_all_2011_1390_ppc2.exe) on clean computer.

Does not start on infected computer (hourglass icon appears briefly).

Advise?

(file extracts successfully on the clean computer).

the file name is javaRa.zip

try this
http://sourceforge.net/projects/javara/files/javara/JavaRa/JavaRa.zip/download

JavaRa removed old version, log attached. JRE says to defer installation until out of safe mode.

Virus persists with interference/popups.

Advise?

Follow this guide from our expert malware remover Essexboy
http://forum.avast.com/index.php?topic=53253.0
( post the logs HERE and not in the guide )

To avoid using multiple post with copy and paste you have to attach the log`s
Lower left corner: Additional Options > Attach ( Malwarebytes log / OTS log ) save OTS log as ANSI

Essexboy will look at the logs when posted…he is in bed now so later today…