I have never seen this before and would love some help.
I have a client that has a Windows 7 Pro 64 bit PC.
She had malware that would not allow her to get to the internet.
I ran Malwarebytes and it cleaned everything up except for when you start the PC, after everything starts up, before you try to go anywhere, Malwarebytes comes up four times with websites that it has blocked, which are f0fff0, db7093, fa8072, and then an unnamed website. Remember this is BEFORE you double click on anything, ie, Internet Explorer or Google Chrome).
Here is a list of the programs that I have run, with a reboot after each, and I still get the same thing and none of them found anything to remove except for combofix and adwcleaner
malwarebytes anti rootkit
Kaspersky cleaning cd
As stated after each program that was run, rebooted PC, and same four came up on startup. I was able to use Internet Explorer.
For giggles, I allowed the exclusions on these four and then it went back to square one. Ran Malwarebytes and it found the ArcadeWeb malware.
Ran Malwarebytes to let it clean and am back to the four coming up on startup.
Also looked under msconfig and registry and could not find these four to delete anywhere (as some websites suggest) so that is a no go.
Any help would be greatly appreciated.
Since this is a client's PC, I have to schedule time to go to her place to fix this so some patience on suggestions would be greatly appreciated.