Blocking DiagTrack outbound connection after malware infection

I was scammed and I thought those scammers were really from Microsoft, so I let them remotely connect to my computer. I don’t know what they installed on it.

After I realized that it was a scam, I reset my computer, cleaned all the drives and reinstalled Windows 10. I thought whatever virus I had should have gone away.

But I typed in “netstat -ano” in command prompt, and I still see this:

TCP    192.168.1.9:49793      111.221.29.254:443     ESTABLISHED     6752

I looked up the PID in Task Manager; it is the DiagTrack service, which is like a key logger, right? And the IP that’s connected to it, 111.221.29.254, has been reported 8 times on AbuseIPDB.com.

I don’t know why after I totally reset my computer, this IP is still connected to me.

I thought about blocking this IP by modifying the hosts file.

I used nslookup 111.221.29.254 but couldn’t find the hostname for this IP.

Server:  NF4V.Home
Address:  192.168.1.1

*** NF4V.Home can't find 111.221.29.254: Non-existent domain

Is there any way I can block this IP from connecting to my computer?

Is there any way I can block this IP from my router?


Attackers gained remote access to my computer for an hour. Do I need to reset all 9 devices in my house?

I got scammed and hacked. The scammers said they were from Microsoft and my computer had a virus and they were going to install some antivirus software on my computer and clean the virus for me. So I let them remotely connect to my compute…

I got badly scammed and hacked. Please help!

I got scammed and hacked. The scammers said they were from Microsoft and my computer had a virus and they were going to install some antivirus software on my computer and clean the virus for me. So I let them remotely connect to my computer for more than an hour! God knows what they were doing in that time!

Afterwards I realized that it was a scam. So I took the computer that they connected with to the computer repairs and got it totally reset.

I thought that would solve the problem. But no!

The next morning I used another computer in my house to change my Microsoft account password. I thought I would be safe because this computer was not the one they directly connected with. So I changed my Microsoft account password.

2 hours after I changed the Microsoft account password, I logged into my Microsoft account again. I checked the “Recent Activities” page. Guess what? Right after I changed to a new password, someone successfully logged into my Microsoft account! And their IP is somewhere in Hong Kong while I’m in New Zealand.

I didn’t understand how they could know my new password. They didn’t directly connect to this computer yesterday.

Then I thought, they must have hacked into my wifi network, so they can access all the devices in my house.

I logged into my router and checked the system log. I can see lots and lots of “alert” and “intrusion” entries written in the log. I think that means someone really hacked into my router. Don’t know if that is right?

So after they hacked into my router, can they install spyware onto all the devices in my house? Or can they just see all the data that’s going in and out without even installing spyware? How were they able to get my new password?

I’m not sure what to do now. Should I check and clean malware on all the devices first, or should I fix the hacked router problem first?
me. I called twice about it. One person said they were not allowed to do that. The second person said that she couldn’t find the option to change it. So she thinks my router is a faulty one and she’s sending me a new router in a few days.

So my question is, will my problem be solved when I change to a new router?

I’m using Windows 10 on all my PCs.

I got myself into deep trouble this time. Please help me to get out of the hack.
