Usually avast when it finds a virus in memory it asks if you want to schedule a boot-time scan (or words to that effect). Have you done a boot-time scan which should ensure any virus files are removed before windows boots and gets into memory…
Because they were in the system folders, there is every likelihood that when moved or deleted from windows, it will save them as restore points. So disable system restore and reboot, this will clear restore points and stop them being backed up by windows to restore points. Once you are sure that you are clear you can enable system restore again.
Whilst browsing or collecting email, etc. if you get infected then the malware by default inherits the same permissions that you have for your user account. So if the user account has administrator rights, the malware has administrator rights and can reap havoc. With limited rights the malware can’t put files in the system folders, create registry entries, etc. This greatly reduces the potential harm that can be done by an undetected or first day virus, etc.
Check out the link to DropMyRights (in my signature below) - Browsing the Web and Reading E-mail Safely as an Administrator.