I have been watching this thread, and I noticed that The File System Shield is the one catching this Trojan, not the Webshield. The File System Shield monitors programs and files stored on your computer.
According to the Popups posted, Internet Explorer seems to have been infected before going to Paypal.
The reason people see this with IE and not Firefox, is because Firefox is not infected.
Internet Explorer obviously has a weakness that is being exploited by this Trojan, and it doesn't affect Firefox.
So I would say the problem is not with Avast, it's doing its job, and the problem is not with Paypal. The problem is with Internet Explorer.