Man, that title makes me feel like I should apologize to everyone. All right, here's my scenario. I'm running Windows 7 64-Bit with Avast Interet Security, Comodo Firewall (HIPS has saved my bacon before) MBAM Premium, and Superantispyware pro, along with MCShield, and Win Patrol. Oh an of course Cryptoprevent set at maximum security. Here's my issue, at startup and without knowing what's cauing it to run, I'm seeing a process in task manager called runonce.exe description puts it as Windows Run Once Wrapper located in Windows/System32 folder. I can easily end the process and get rid of it for the duration of my use, however, I'm more interested in what's causing it to run. I've run a TON of scans, including but not limited to:
Avast Full & Boot, says no threats found,
Custom MBAM scan for the entire drive which has 0 threats found,
MBAR came back clean,
TDDSSKiller also clean,
Adwcleaner shows nothing,
On a hunch I ra Combofix (yes I Know bad me, bad! I've used it MANY times in the past and have a feel for how it works.) Intriguingly it deleted a file I believe it was twain_16.dll out of the Windows folder. No damage from that, but also no preventing the runonce from loading at start up. Any advice on what this may be and how to prevent it from starting on load? Any and all help is greatly appriciated. Thank you.