It is not likely that XPLite caused the malware. Very likely something else was responsible for it.

QHost takes advantage of a “object type” vulnerability in Microsoft’s Internet Explorer browser. Exploits were discovered in september/october 2003. (more info)

1] There is no application, nor will there ever be, that can detect and remove all malware.

2] Avast’s main priority is detecting viruses, not all malware.

3]

which detected and removed 12 trojans+virus+malaware+cookies

trojans and viruses are malware.

Perhaps the definations HERE will help you to understand the differences.