Thank you very much for your replies.
The problem is the files themselves are not the malware. Thus, they do not have the signatures that avast would look for.
They are usually dropped in from a site and triggered with a js. They reside in memory, releasing startuip scripts, cloaked until the user restarts the machine. That is when the problems begin (during restart).
The code the files release is implemented at startup and new rendom files are created (including reg entries) that are trojans, malware, etc.
Therefore, the infections that are picked up are true infections, but they are not the actual cause. The actual causes are xrun.exe and xpre.exe. These files eventually show up in prefetch as well.
Another interesting thing I have seen that these files actually mutate in time as well. That is why truly pinpointing the signatures could prove to be quite difficult. That is why I was requesting a possible "blacklist" of these file names.
xrun.exe and xpre.exe are not used in any current software package that I am aware of. Blacklisting would be a good way to prevent infection in special cases such as this.
I'm not trying to upset anyone with this. I am just making a suggestion that would help myself and others be more productive.