How can I block hacker's IP? RRS feed

  • Question

  • I was scammed and I thought those scammers were really from Microsoft so I let them remotely connected to my computer. I don’t know what they installed on it. 

    After I realized that it was a scam, I reset my computer, cleaned all the drives and reinstalled Windows 10. I thought whatever virus I had should have gone away. 

    But I typed in “netstat -ano” in command prompt, and I still see this: 

    Proto     Local Address       Foreign Address         State          PID 

    I looked up the PID in Task Manager, it is DiagTrack service which is like a key logger right? And the IP that’s connected to it: has been reported 8 times in AbuseIpDb.com. 

    I don’t know why after I totally reset my computer, this IP is still connected to me. 

    I thought about blocking this IP by modifying host file. 

    I used “nslookup” but couldn’t find the hostname for this ip. 

    Server: NF4V.Home 
        • NF4V.Home can't find Non-existent domain

    Is there anyway I can block this IP from connecting to my computer? 

    Is there anyway I can block this IP from my router?
    Saturday, June 3, 2017 9:46 AM

All replies

  • Hello,

    You can use Windows Firewall to block the connection from your computer to the IP address.

    You can open the firewall configuration from Control Panel\System and Security\Windows Firewall, and then open Advanced settings.

    You should add a new outbound rule, which can deny the connections to IP

    Best regards,
    Andy Liu

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, June 5, 2017 8:24 AM