at any rate, the problem seems to be back. and this time, although I haven't tried in safe mode yet, MBAM and SuperAntiSpyware are coming up clean, so once I get done running some checks I'm going to be putting up an HJT log and others in the appropriate section. I clean the temp internet files directory out regularly, so something's up.
looking at autoruns a moment ago (safe mode, mostly unused permanent admin account), I noticed SHDOCVW.DLL having a lot more entries than I remember it having; maybe something latched into it too. granted, my memory might be off on that one.
edit: this crap is cute. if I log into the other user account I can find a "content.IE5" thing in the temp internet files section of the account I use normally, which upon deletion gave back those gigabytes. now, I have "display hidden/system files" turned on so I should see it. then again, on the other account I can't see all the cookies that are kept in that directory. also can't see the "content.IE5" in the other accounts temp internet files area when I'm on that account.
I'm going to try to adjust where stuff gets stashed, but I'm still going to put up comboscan/HLJ logs in the appropriate section. this is because, and I'm going to repeat it in that post, I'm showed 4.41gb free now on drive C when in safe mode, but 4.16gb on drive C when in normal mode. whether this part is the result of a recent adjustment I made to the virtual memory minimum, I'm not sure. this descrepency MAY be a result of differing amounts of virtual memory used between normal and safe modes, however I do not know this for certain; my level of knowledge isn't totally up to knowing that in advance.
Edited by ZT-repairseek, 13 December 2008 - 11:37 PM.