New LAN connection being created to balckhole IP

OK I have CIS Free installed and for the past week everytime I reboot I get a request that a new Local Area Lan Connection is being established to subnet Now I am behind a router and cable modem. This IP checks out on whois to be a blackhole IP. I am new to Comodo and have went thru every area to try to figure out how to stop this. Also now nearly everytime I connect to the internet I start getting redirected to Ad sites, some website in Romania etc. I have formatted 5 times and each time it comes back. I do not have network sharing enabled on my computer, I run my AV from my install disc, all my install programs I have burnt to disc many years ago and install from there.

I have run Malwarebytes, Spybot S&D, Comodo Antivirus, Avast, Bit Torrent, rootkitbuster, FS Blacklight, hijackthis, you name it have checked nothing is ever found. yet its coming back each time.

I have changed all passwords to router, modem, computers, I even went so far as to isolate my computer by removing every other computer on the network and then re formatted and reinstalled XP PRO from retail disc again.

At a loss. The only funcky item ever found was on the first scan 7 days ago and that was setuper.exe which was caught and supposedly deleted by Malwarebytes. I have formatted several times since then and it never been found again since.

I even went so far as to delete all old email, and the backups as well. I have ensured the that the mail server had deleted all emails on its server just incase.

NO external USB devices used, no floppys used, no flash drives,
XP Pro system with SP3 installed and all updates.

AT a loss how do I stop this from happening?

It’s not a black hole.
It’s something with your DHCP, search on google for 169. And you will see more about it.

Please read this Firewall FAQ here that should help you solve your problem.

There stiil is, outside of the false 169 problem, a security flaw as dchp is not known to automatically connect someone to romanian adsites.

Might be a browser startpage, a toolbar, a run or runonce section in the registry, whatever undetected trojan, or more basically a browser not protected against scripting and/or redirection and opening pages for ads, porns… when visiting some sites.