May 4th, 2005, 11:25 PM
#7
Member
You said your antivirus has been acting up? How about your firewall?
I know automated scans give mixed results, but I ran your HijackThis file through HijackThis, but am unable to post the results. You would have to post your log there yourself, if you haven't done so already.
But I got 11 unknown applications and the five possible nasty hits that zENGER mentioned. I tried to search the 11 unknowns in different combinations, but was unsuccessful in turning up any solid hits on those items in question except this one:
O4 - Global Startup: Fax Sr. Notify.lnk = C:\FaxSrCli\Notify.exe
When I ran Notify.exe through Google I got a hit from Symantec about a Backdoor.Armageddon.B found here. Though it is not the exact same extension as the one found on your logs, it was using a Notify.exe:
Backdoor.Armageddon.B is a variant of a zoo Trojan. It is a server that is accessed through any number of known clients.
When it runs, the executable moves itself to %windir%\System\Notify.exe.
It modifies the %windir%\System.ini file so that it will run when you restart Windows. In the [boot] section of the file, it appends %windir%\system\Notify.exe to the shell= line. Typically this line is shell=explorer.exe, although some systems have additional boot shells loaded.
NOTES:
* %windir% is a variable that refers to the folder in which Windows is installed. By default this is C:\Windows or C:\Winnt.
* The modification to the System.ini file is effective only on Windows 95/98/Me-based computers.
I am far from an expert, so it could be nothing. I was about to just move on until after reading this thread about 3 or 4 times when I noticed that you mentioned that your AV was acting up and that you were reinstalling it this last time I looked the thread back over (actually, I did notice that the first time, but never made a connection till last) and remembered seeing this there, as well, at the very top on what a Backdoor.Armageddon.B does:
Backdoor.Armageddon.B allows unauthorized access to the infected computer. When it is run, it disables antivirus and firewall software.
And this, also under "Notes":
When the infected computer is started, the Trojan notifies the hacker. This Trojan uses port 6969. It also searches for major antivirus and firewall packages, and disables them if they are running.
So that is why I was asking you about your AV and firewall, because I recalled you mentioning that, and that is what led me to post after all. Again, I am not an expert in this matter, but I just wanted to see if I could find anything out for you. I'm just trying to help find a solution, so don't kill the messenger. Hope this is of some use to you.
Cheers!
"Champagne for my real friends, real pain for my sham friends" - Ed Norton/25th Hour
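A defender-side check for the two persistence spots this post talks about, added here as an example; it is not code from the thread, from HijackThis or from Symantec's write-up. It parses the [boot] section of a Windows 9x-style System.ini and reports anything on the shell= line other than explorer.exe, and it scans HijackThis O4 startup lines for an executable name on a watch list. The only watch-list name is the Notify.exe from the post; the System.ini text and log lines below are constructed samples, not real files.

```python
"""Added example: flag a padded System.ini shell= line and watch-listed O4 entries.

Not the forum poster's, HijackThis's or Symantec's code. All inputs below are
constructed samples.
"""
import configparser
import re

# Watch list: only the executable name mentioned in the post.
SUSPICIOUS_NAMES = {"notify.exe"}

# HijackThis O4 lines look like either
#   O4 - Global Startup: Fax Sr. Notify.lnk = C:\FaxSrCli\Notify.exe
#   O4 - HKLM\..\Run: [ctfmon] C:\WINDOWS\system32\ctfmon.exe
O4_RE = re.compile(r"^O4 - (?P<where>[^:]+): (?P<rest>.+)$")


def extra_shells(system_ini_text: str) -> list[str]:
    """Return every token on the [boot] shell= line that is not explorer.exe.

    Symantec's description says the Trojan appends its path to this line, so
    any second token is what a defender wants to see.
    """
    parser = configparser.ConfigParser(interpolation=None, strict=False,
                                       allow_no_value=True)
    parser.read_string(system_ini_text)
    shell = parser.get("boot", "shell", fallback="")
    return [tok for tok in shell.split() if tok.lower() != "explorer.exe"]


def parse_o4(line: str):
    """Split one O4 line into (location, entry name, target path); None if not O4."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    rest = m.group("rest")
    if " = " in rest:                      # shortcut form: name = target
        name, target = rest.split(" = ", 1)
    elif rest.startswith("[") and "] " in rest:   # registry form: [name] target
        name, target = rest[1:].split("] ", 1)
    else:
        name, target = "", rest
    return m.group("where"), name.strip(), target.strip()


def exe_name(target: str) -> str:
    """Lower-cased file name of the launched binary, ignoring any arguments."""
    base = target.replace("/", "\\").split("\\")[-1]
    return base.split()[0].lower() if base.split() else ""


def flag_o4_lines(log_text: str) -> list[dict]:
    """Return the O4 entries whose executable name is on the watch list."""
    hits = []
    for line in log_text.splitlines():
        parsed = parse_o4(line)
        if parsed is None:
            continue
        where, name, target = parsed
        exe = exe_name(target)
        if exe in SUSPICIOUS_NAMES:
            hits.append({"where": where, "name": name, "target": target, "exe": exe})
    return hits


# --- constructed samples -------------------------------------------------
SAMPLE_SYSTEM_INI_BAD = (
    "[boot]\n"
    "shell=explorer.exe C:\\Windows\\system\\Notify.exe\n"
    "[drivers]\n"
    "wave=mmdrv.dll\n"
)
SAMPLE_SYSTEM_INI_OK = "[boot]\nshell=explorer.exe\n"

SAMPLE_HJT_LOG = (
    "O4 - HKLM\\..\\Run: [ctfmon] C:\\WINDOWS\\system32\\ctfmon.exe\n"
    "O4 - Global Startup: Fax Sr. Notify.lnk = C:\\FaxSrCli\\Notify.exe\n"
    "O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{GUID}: NameServer = 192.0.2.1\n"
)

if __name__ == "__main__":
    print("extra shell entries:", extra_shells(SAMPLE_SYSTEM_INI_BAD))
    for hit in flag_o4_lines(SAMPLE_HJT_LOG):
        print("watch-listed startup item:", hit)
```

The two checks stay separate because they matter on different systems: the shell= trick only works on Windows 95/98/Me, while an O4 startup entry shows up on any version HijackThis runs on. A match only says the file name is one worth looking at, not that it is malware; the poster's own point is that the Fax Sr. Notify.exe sits in a different folder from the one Symantec describes.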