I just ran a scan with Malwarebytes Free and it found two Hi-jacker items.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_application (Hijacker.Application)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) → Bad: (http://www.helpmeopen.com/?n=app&ext=%s) Good: (http://shell.windows.com/fileassoc/x/xml/redir.asp?Ext=%s)

Shouldn’t Avast have stopped these Hi-jackers?

No security program have 100% detection, if they did there would not be a virus problem…

Exactly. Since you have the Internet Security package, you should use the avast Sandbox feature that came with it. (right click an application and select Run Virtualized)

I really don’t understand this “sandbox” deal. Does that mean I should run IE in Sandbox? I see there is an option to always run in Sandbox. What’s the difference between run virtualized and in Sandbox?

I know that no program is going to give you 100%, but in the 3 years I used BitDefender IS I never had a hi-jacker so I think it’s natural for me to be concerned.

Virtualized and sandbox means the same thing. You can also untick the first box in the Expert Settings (Process Virtualization tab) to make all downloads go in the sandbox. Now, when something slips past the shields, it will be contained/trapped inside the sandbox and wont infect your PC.

You were just lucky with BitDefender I guess.