Well if it is the web shield alerting you there should only be one option 'abort connection.'
So it shouldn't get into your temp internet files folder unless it is coming in from a non-http source, in which case it would be the standard shield that would alert and that gives multiple options, 'move to chest,' 'delete,' etc.
What is the malware name, the infected file name, where was it found e.g. (malware name, C:\windows\system32\infected-file-name.xxx) ?
Check the avast! Log Viewer (right click the avast 'a' icon), Warning section, this contains information on all avast detections.
If there is a url there when you post it break the link so it isn't active, e.g. http://[break]www[break].suspectsite.com\suspectfile.exe, etc.