once per day Avast reacts to a suspicious program (setup.exe) that is appearing in the Temp folder(c:\users.…\appdata\temp\pft7986.tmp),
but within a very short period of time the folder is disappearing, I have cleaned out Temp, and also ran boot time scans 5 times consecutively.
I was reacting to a trojan called JS:Iframe-EV which had infected various files that were cleaned out during the boot time scan sessions.
initially I was pushing the infected files to the chest but as the infection continued to persist I switched settings to delete on detection.

despite clearing Temp running scans and so on… a few moments ago the message re-appeared.

c:\users.…\appdata\local\temp\pft7986.tmp\setup.exe where pft7986.tmp folder containing the executable is missing…

anyone seen anything like this?

Please attach your logs.
http://forum.avast.com/index.php?topic=53253.0

I turned to this forum as I couldn’t source the problem, but I found the root cause and I am now challenging the author as per the software’s behaviour.
as a matter of interest and for future refernce - how does one attach logs ?

What software was causing this behaviour ?

Click attachments and other options
Select browse
Locate the file concerned

Job done ;D

the software is as far as I know custom written - from Arcsoft called “Acrsoft Showbiz” a bundled with a cheap video capture device from ebay - the seller is the author/designer of the kit.

everyday the software creates a folder in temp and attampts to execute a setup file - which avast blocks as suspicious and reccomends sandboxing at the next turn as quick as its created the folder and files within are deleted.

suspicious indeed

It is self updater… Programmers seem to think that their programmes are so important that they must run always with windows and update every day ???

That is what Avast is catching, the autoupdate function being run from the temp files instead of the programme itself