Tuesday, December 17, 2019

so, there was another reboot around 14:00 today, and, again, right when i said i was going to get to reading.

i found the same funny update files in the mozilla directory, and this time did a search in the registry for the hex key, and cleared it out. very strangely, some of the hex keys explicitly denied me, the only admin on the machine, from deleting the key. but, i mean, you can't actually do that, i can take ownership of the file...

i cannot find security descriptors for the pagefile or the hibernation file and cannot edit anything while it's running. i actually disabled the features to turn them off, and i'm getting the same strange access errors when they come back. i guess there are only two options: my image is defaulting to the initial install user, or somebody actually has control of my pagefile.

the pagefile is set to clear on shutdown, so my initial reaction is going to be to turn the machine off rather than hibernate it. for now. and to keep an eye on it....

i need to be able to see what this thing is doing before i can react further to it.