|Alright, I'm pretty versed in PC issues but this one has me stumped, my Fiancee works for a major ISP doing internet troubleshooting/repair from home (basically who you talk to if you call in with a problem) well everything usually runs fine for all the PC's around here, until today.|
She was working the first half of her split sdhift when she got disconnected, running Vista Home, SP2, all security updates, up to date antivirus, no downloads go on the PC, etc, etc.
Says unidentified network access, pull a 169.* IP (should be 168 for our gateway/modem)
ESET Sirefef removal positively identified it (tried MalwareBytes anti-rootkit, avast antivirus, and malwarebytes scans they all found nothing)
However ESET's tool couldn't fix it (it'd just reboot and then say it found it again)
So at this point it was t-minus ~2 hours for her to go to work, I said the hell with it, pulled the hard drive, installed a brand new and feshley formatted/zeroed drive, and reinstalled with a copy of Windows 7 I had laying around, boot up, get all windows updates, install avast and malwarebytes, update both of them as well as get ALL windows updates, installed her work systems and everything was fine, she works for the same amount of time, boom, same thing happens on 7.
Things I've tried:
2 different DSL lines, 4 different modems, 2 different ethernet cables.
3 different NIC's
I get a network connection through Ubuntu live CD
I tried scanning with Avast, MalwareBytes, both find nothing, ESET removal tool does however still find it.
I've ran the ESET removal tool
Everything hardware wise checks out, I just don't get why the system would get infected 2 times within the same amount of time, with no real ryhme or reason.
Firewall is enabled on my routers, system has enabled firewall and never goes to any untrustworthy sites, it's used strictly for work.