How JustAnswer Works:
  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site. Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.
Ask Michael Norman Your Own Question
Michael Norman
Michael Norman, Information Systems Manager
Category: Computer
Satisfied Customers: 165
Experience:  Director of Technology
Type Your Computer Question Here...
Michael Norman is online now
A new question is answered every 9 seconds

Have URGENT issue. I didn't realize until lately that I've

Customer Question

Have URGENT issue. I didn't realize until lately that I've been hacked, EVERYWHERE, since June 20th. My laptop, my Verizon account, my hotspot, my wifi at home and my Technicolor modem from Time Warner Cable, at home, is listed as a storage device and when I was able to get into it, it was my C Drive. I noticed it first because my online storage backup at SOS had showed some really important photo shoots I needed, and then they were gone. I had SOS search and I did for weeks in a row. They were gone. Then I notice my One Drive with Microsoft is virtually empty. Creative Cloud, Amazon, iCloud, Dropbox. Then I notice that when I sign into My Verizon from my phone, it's this huge string in the browser, but when I signed in at school, it was the normal log in. From there I researched like crazy and 2 years of work, as a photography student (returning OLD student!)is gone everywhere. My Verizon, my gmail, outlook, all my Microsoft accounts, etc. I would look things up here and at windows eight forums and started looking at the event logs and taking screen shots. Then I would open this app I have that extracts text from the photo, and there it was in black and white, what the deterred path was from what it was supposed to be. So all my backups were going to some virtual machines. I found one huge long string where at the end was this folder and there were some of the sexiest photos I'd taken in my boudoir series - there were all my girls! I screamed. This ass is not only taking all my work from me, he's stealing it for himself. When I saw the string being so long, and how buried it was, I opened a Word document and copied it. No sooner did I lift my finger off the paper, the file disappeared off my desktop. Since then, if I stick a USB or DVD into my laptop, either my information disappears on that stick or the DVD gets reformatted or they grab the information before it can copy to anything. I couldn't go anywhere online to send files because they were in EVERYTHING. I don't know what to do. This actually started because I was robbed, one night after school, and my $5,000 camera and $2,000 laptop were stolen. It was two weeks before finals and there went my everything. None of my recent boudoir shoots were backed up. I was sick, for weeks. I still am, and its been 6 months. Anyway, out of desperation, I rented a laptop from Rent a Center. I thought i was setting up me as Admin on the computer, and then looked closer at things when I got into the registry and started to disable the UAC, etc. All this time, on the configuration logs, user name "rac1" was nestled inside of me, so really everything was going to rac1 and I was the "friendly" name on the account. I changed the computer name 4 times. Each time, a whole new set of users and groups would appear with the name change.I learned how to do a lot of things to slow them down, and for about 36 hours actually had complete control of the computer and had them stopped. I walked away for an hour and I had a black screen. We duked it out from there and I ended up in an endless loop on a blue screen. When they couldn't get into my computer anymore, my Verizon password ***** 3 times, along with security questions. Now they were hearing everything I was doing. When I got back into my account, there was a DOM storage enabled? Is that right? I looked it up and basically what I got was that it caught them up on all that they had missed by not being able to access my wifi or modem at home thru my laptop. I also don't want to forget to say that I would see these creepy things happening with the green light in the smoke alarm - almost like it was a little camera, following my eye. It also changed with the TV. The cable was broadcasting that it wasn't working, but that of course was temporary. Then it came back up intermittently and I would just feel like someone was looking at me from behind the changed light formation. So one night I got mad and turned my cell phone on them and started to take pictures and record video. Interestingly enough, when I got picture information from a different app to extract text, low and behold, my smoke alarm had a physical address - just a few houses away from my address. Then it said something like, "cool evening at Craig's" - I was horrified of course. It sounds crazy but it was like I could see them in the smoke alarm - a few guys and a beat up, painted and weathered conference table, with some machines, wires, standing around...then they noticed I was shooting video - and they began to walk backwards to get out of the field of vision. There was red, red lights, dots, pinging back and forth like crazy between the smoke alarm on the ceiling and the TV monitor on my dresser and my cell phone. I of course sent them to friends by gmail immediately in another room. You know - they all disappeared eventually. I wasn't thinking this was real or I was thinking this was crazy, but this has been 4.5 months now and this is damn serious. Have more..
Submitted: 1 year ago.
Category: Computer
Customer: replied 1 year ago.
There's only one problem with this response timing. I'm at school and we have to leave at 10:55 at the latest. They close at 11:00. Due to my questions, I don't want to put my phone back together to work until I'm advised from you. My photography site login details were on my other phone from my IT guy in Chicago. I'd have to go back to gmail to retrieve the login information and I'm not sure what to do because it seems every move I make, I alert them that I'm there. I guess I'll just risk it with this one: ***@******.*** Since my computer is torn apart, I don't have a way to communicate after 10:55 and don't know what to do about my phone. I'll probably step away from this computer for a rest room break in a minute, so if you answer, please don't leave. I feel better already someone knows what's going on and is there to help. This has been a nightmare.
Customer: replied 1 year ago.
Oh, and another thing - the camera thing didn't start until after a new roommate moved in. I know he's got something to do with this. I'm sure of it. Also, so far I have about an inch or more of paper I've printed of their re-coding and re-directing all my stuff to god knows where or some virtual machine. I'll try to find an internet cafe after leaving here tonight, but haven't slept in two nights and days again, trying to stay on top of them. I'm breaking now. Please try to tell me something, at least about the phone, in about 15 minutes. Thank you!
Expert:  Russell H. replied 1 year ago.

Hi, thank you for contacting My name is***** will do what I can to provide the right answer to your question.

Your question is quite long, and raises many possible issues.

The issue with your phone is hard to pick out of the numerous details you have presented. But as for the length of a login URL, on your phone, compared to on a computer at your school, is a normal enough variation. Probably your phone has a 'bookmark', as it is called, to a specific login URL that includes specific login information such as your username; but the computer at school just has the general site login, and you must enter your username (as well as your password ***** and that is perfectly normal.)

There is something you can do about your phone - if it is an Android OS phone - and about its being hacked, or your phone being hackable:

If your phone has (presumably!) the Android OS on it, then if that OS version is not sufficiently updated, then it may contain a significant 'security hole' that allows almost anyone to gain access and control over your phone.

To test as to that security hole, download and use this app:

to tell whether there is such a security hole in your phone's Android operating system.

To avoid the problem in the first place, not just using the Stagefright detector, but also completely updating your Android OS ab initio when you first start using it, is a good idea. (Some older versions of Android OS cannot be patched, by merely updating that version... but a higher version, if it can run on the older Android OS -compatible phone, can cure that problem.)

And though it is not my field of expertise, I feel like adding: lack of sleep can be a serious problem for sure. To settle these issues I think you should get some rest, and sleep, for sure. Though it is next morning now, and some hours from when you last posted to this question, I hope that you did get some rest. I offer you my good wishes.

Customer: replied 1 year ago.
My phone is a windows based phone. its' Nokia lumia 635
Expert:  Russell H. replied 1 year ago.

That's actually good news (that your phone is a Windows phone) - both Android -based and iOS -based (Apple) phones/smartphones, have serious security issues... but a Windows Phone should - *if* you keep it updated by Windows Update run on it at regular intervals, plus an enabled firewall and an antivirus utility of good quality such as Avast (though I am not quite certain that Avast is designed for use with Windows Phone as opposed to PC-intended versions of Windows... and some research reveals no convincing information...)

I regret that I cannot offer Live Phone Call service at this time. If you would prefer another Expert work on this question and case, I will Opt Out at your request.

Customer: replied 1 year ago.
Are you serious? I've lost 2 years of work as a photographer and you respond with lack of sleep can be a problem? Are you out of your mind? I need REAL HELP WITH REAL SOLUTIONS. Not some pat, common sense answer about virus security installs, etc. I want some DOS commands that causes them to stop in my phone so I can backup and factory reset. I told you the critical timing involved. Your site boasts usually an answer within 10 minutes. You had 50 and knew I couldn't communicate after that and still nothing. I want a satisfactory, knowlegable answer or a new person or a refund. You didn't even come close to addressing how serious the extent of my hacking is.
Expert:  Russell H. replied 1 year ago.

I have Opted Out, with apologies. I hope that another Expert will take up this case shortly.

Expert:  Quiksilver07070 replied 1 year ago.

Hello and thank you for choosing

I would like to be able to help you with this.....but i see there is ALOT to read from the previous expert.

Please give me a few minutes to review and respond, so please check back often.

Customer: replied 1 year ago.
are you taking this on or not??
Expert:  Quiksilver07070 replied 1 year ago.

Well, im not sure yet.

You have listed MANY MANY things that seem to be wrong. From a camera spying on you from a smoke detector, to your online files being removed.

We need to narrow down to a specific question, and then move on from there. Its okay if you have MANY questions, but we need a starting point.

So, where would you like to start?

Customer: replied 1 year ago.
As I clearly stated, with this new phone NOW that's been hacked.
Expert:  Quiksilver07070 replied 1 year ago.

Factory Reset the phone. Or return the phone and get a new one.

If somebody is Hacking your online wont matter what device you use to access the website, your account is compromised. Plain and simple.

Now, if somebody is hacking a LOCAL program, or accessing LOCAL files and folders, then they are remotely controlling your device (phone, computer, laptop) and the WHOLE system is compromised, but that does NOT necessarily mean your ONLINE accounts are also compromised, but they could be.

On the phone........are you able to run a factory RESET?

Expert:  Quiksilver07070 replied 1 year ago.

Heres how bad it could be, if somebody has gotten access to remotely control your machine.

1- They can install a keylogger, and capture ALL online access USERNAMES, and PASSWORDS, and gain FULL access to ANY website you logged into while the keylogger was running.

2- They can delete/change/move files that are stored LOCALLY on the hard drive.

3- They can access and change your NETWORK devices. (printer, wifi, modem, network cameras, network drives)

YOu mentioned you were robbed, and your laptop was stolen?

" This actually started because I was robbed, one night after school, and my $5,000 camera and $2,000 laptop were stolen."

This is how they may have gotten access to yoru online accounts (stored passwords on the laptop) and then reverse tracked you back to a Windows phone.

YOu want the simplest answer.

1- Close all accounts that you can (do this from a public computer). Factory reset all devices on your network, and all devices that are connected to the network, that you own.

2- Request a NEW IP address, and a new MODEM from your ISP, along with a NEW account number. ( robbers may have access to your ISP online account)

3- Any devices you cannot factory reset, and wipe clean, REMOVE them from the network, and keep them from connecting to the internet, until they can be destroyed, or returned, or wiped clean of the data.

Expert:  Quiksilver07070 replied 1 year ago.

You cannot combat against a hacker that has full access to an online account. They can change the password, AND the account details, making the account look like they own it.


Once they have access (Full access, meaning they have all the info they need to make that account username and password, your verification details like security questions and answers, and even the email account used to verify) its SO hard to stop them....that you cant.

Expert:  Quiksilver07070 replied 1 year ago.

They have likely done everything they can to steal your ONLINE identity.......and as we all know.....identity theft is VERY difficult to thwart, once your information has been compromised.

Customer: replied 1 year ago.
No kidding this is no joke. That's why I've been so pissed about NO answer from Just Answer. I can't close anything because they ask for verification and all my email accounts are hacked. I can't just close them all and lose info. I've been trying to backup phone and it won't work. I keep seeing this little smiley face popping up while I type so I know they're seeing everything I'm typing. Otherwise I would have done a factory reset yesterday but I want to keep the photos that show the event logs and then the scripts I've obtained from text extraction from photos. Where can I send anything to safely to keep?
Customer: replied 1 year ago.
Yeah, and BTW, as bad as it can get is exactly what I was telling you has happened.
Customer: replied 1 year ago.
Does this seem right for the path to you? That's what's in my browser.
Customer: replied 1 year ago.
This is what's in browser when I try to go to login at MS:!yKT4OfGU4g5ALeDHHG7px6TZJHeEb*E4suqxAT1yoZ*yLw0N5uj*ZY4H5H1i1gamG7R52P!H7j!Qrb8EsGlk8uOsQA4pcQGnhldJ9dOWL8SXlDSBxKTRfdmhPD0BwEa5vyrKn350brHV5Ckp65vD1Q*0IkOblkrAPcxDhofyIWjm3GSFu1pDVsnQpDPS6qeX7dpvfRfcD5Qh9arjumogpLx!XIkQvJF4f0SquEXxc96ZAdMzYEonuibMKG8pq!LVeFME8o8bDJy8Q%24%24
Expert:  Quiksilver07070 replied 1 year ago.

If you want to save anythign off the COMPROMISED devices, you have to do it LOCALLY, meaning you have to use a USB drive, or use a SD card, or something like that, you can NOT start to fix or clean up the issue on ANY of the devices that are compromised, for anything that is online. Lets use an example here.

Lets say, you DO create a new account on an online drive, so you can save the files off your phone, (and you did this on a SAFE computer). Lets say you open a new Google drive account, using a NEW google Email address (again on a safe computer).

Then you go to your COMPROMISED phone, and upload ANYTHING to the new drive account.......ALL THE INFORMATION ON THE ACCOUNT WILL AGAIN BE CAPTURED. compromising the new account. Just the action of logging into an account from a compromised device, for any reason, ALSO compromises the account accessed.

YOu dont have control over your compromised device, and if you try to SAVE anythign from have to askyourself....WHAT ELSE could I POSSIBLY be saving, that was designed to be stealthy and undetected?

Customer: replied 1 year ago.
Here's another:
Expert:  Quiksilver07070 replied 1 year ago.

The URL's you showing me are not that Atypical. Its actually quite common to see URL's with large strings of what would seem like garbage, but its a random generated, HUGELY unique string, to point to a very specific page on the web.

Customer: replied 1 year ago.
I get what you're saying but as I said initially, now when I use my SD card, files start disappearing right away. It's been renamed drive M. They also show my drive H as my 1 TB external and I'm afraid if I use that I'll lose that new info and photo shoots too. A little camera in red keeps popping up. If I do factory reset now, what do I install to start with to be protected? They obviously have all my phone specs
Expert:  Quiksilver07070 replied 1 year ago.

Your Windows phone, i would say, has been compromised, atleast from what you are telling me.

So to SAVE anything from it, would potentially be bad.

Disconnect your 1TB drive immediatly!

Pop the SD card out, and put it into a machine that is using Linux, or Mac, and copy off the files to save.

Pop the SD card BACK into the phone, and transfer anything you can. At this point, your 1TB should be offline, and the SD card you put back in, should be empty. So, they cant see anything. If there is anythign on the phones memory you want to keep, transfer to the SD, and again transfer to a linux or mac machine. DONT USE A WINDOWS MACHINE. if they are runnign any type of malware, it wouldnt run on a linux or mac it was a windows version.

Make Sense?

Customer: replied 1 year ago.
I put my SD card into my reader in the Mac school computer and that's when things started disappearing again. So the Mac made no difference. Of course I haven't plugged the 1 TB back in. I need to know how to undo their programing first or I'll lose all that too. I asked, with factory reset then what do I install to be protected after it's clean? They still have ask my phone specs.
Customer: replied 1 year ago.
Did you get my last question?
Expert:  Quiksilver07070 replied 1 year ago.

Hmmm, well i cant really understand when things just start disappearing, on a machine that for all intents and purposes, has nothing wrong with it. So....i dont know how else to tell you, that saving the files may not work, and they might be lost.

UNdoing their programming, is a potentially futile event. The windows platform, has a slew of different AV, AM, AS, RK utilities that can be run. To regain control on the machine, disconnect it from any and ALL networking. If you have to.....cover the thing with aluminum foil....and then boot it up in safe mode to run all the utilities.

Customer: replied 1 year ago.
Customer: replied 1 year ago.
They've got all my passwords to everything and of course the second I change them, they know. I'm reading your response now.
Customer: replied 1 year ago.
Cover it with foil?? I already handled the laptop. Wiped clean and installing new OS. I'm asking about THIS PHONE! CRIPE.
Customer: replied 1 year ago.
6:51 AM1446124082287
offer—container" »
(div class—no—
'(div :void (0) ; "
data—attr target:" gåmewindow" data—
attr_campaign rewards engagement_pod" data—
attr campaign type— "MyVCarouse1CartridgeCampaignTargeter" data—
attr campaign source:" Targeter" response:" Y" "data—
data—attr destination urlz"https://rewards . veri zonwireless .
src—" / / acache . vzw. comdconten t / dam/vzw/en/ 1.8hyY.eri
/ div» q/ div»
Cdiv swiper-no—swiping"
data—attr WHV POD veri zon cloud utilization_pod"
attr_campaign type:" Targeter" data—attr campaign _
data—attr cust response: "D"
WHV POD verizon cloud utilization pod"
data—attr destination url—n••
data—attr WHV POD verizon cloud _ utilization_pod'•»
Cdiv class—no—
(div href—•• javascript :void (O) ; "
ink" data—attr target: "samewindowt' data—
attr campaign ids" verizon cloud ut ilization_pod" data—
_.te"r campaign data—
data—attr destination url—"http: //www . verizonwi—
cloud. srcz"
c/ div) K/ dix.»
destination url••""
data —
attr_campaign WHV POD experience veri zon_pod"
sources "Ta rgeter••
data-attr cust
attr_page WHV POD exper fence veri zon_pod"
data—a tt r
attr response ref ID:" OVR WHV POD_experience Verizon pod n»
€div fer—contai
. (div : void (O) ; "
—response—link" data—a data—
attr campaign data—
attr_campaign ignTargeter•• data—
attr campaign sources"Ta rgeter" data—a ttr data—attr is _ data—
url•!http: //www.veri zonwi—Ite . html" Ximg
src—" I che - •zzw. coml. con ren t / dam,'vzw/en/myveci amna i gas /gocis /Whyyeri en ce-
) € / seGtion»
C/ div» c /di'D
cla as••
•z / div-s «/div»
Expert:  Quiksilver07070 replied 1 year ago.

this looks like CAPTURED data.

The foil thing is to wrap AROUND your the wireless signal is blocked.

Expert:  Quiksilver07070 replied 1 year ago.

Yes i understand the issue is with the phone.....but the phone ALSO runs WINDOWS...yes? Its a windows phone? a Nokia?

If so, then there are MANY MANY virus's, and malware, and spyware, and rootkits that have been created to capture information undetected, and relay that information.

If you can BLOCK all RadioFrequency signal from the phone (using a faraday cage), then you could somewhat safely attempt to transfer any files OFF the phone to an SD card, and also attempt to repair the phone, using the utilities, and safemode. And potentially factory reset it.

Its not always successful, sometimes the virus, or malware can not be removed, and if you try to access any files they will delete. In that case....theres nothign you can do. Unless you are a security expert, and can reverse engineer the virus, and then write code to dispatch it. Thats getting WAY above the scope of this site though.

Expert:  Quiksilver07070 replied 1 year ago.

The way we combat against virus's and malware, is to LOAD up the harddrive onto ANOTHER machine, without booting the OS in which the virus resides.

YOu sound quite smart about this stuff, and i know you understand that somethigns are impossible.

I leave you with regards ***** ***** UNdoing of their programming.

How do you detect that which is built to be undetectable?

Customer: replied 1 year ago.
Not impressed with your leave "out"! I'm not knowledgeable at all!! That's why I was like, this is a lot to read? Do you have any idea how much I've read in the last couple weeks to know anything ? The only way iwas able to stop them for 36 hours on my laptop was reading about DOS commands and then I made changes to the registry. I walked away for an hour and they got command. So if I factory reset now, AND I'M JUST TALKING CELL PHONE HERE, should I still put foil around phone and reboot? Then AGAIN, what do I install first for protection??? Did you get the 4 files I sent you?? I have the DOS commands for mobile app too.
Customer: replied 1 year ago.
Did you get last message??
Customer: replied 1 year ago.
Sent at 7:54
Customer: replied 1 year ago.
What the heck is going on/??
Expert:  Michael Norman replied 1 year ago.

Hello. My name is, Mike. I would like to try and step in and assist. I only ask that you try to be a little patient as there is a lot going on here. I can certainly understand you anger over the situation. I see the majority of the most recent posts refer to your your phone. But you are also concerned with your other accounts being hacked.

Let's start with them getting access to your devices. So the only way they can access your devices remotely is through a network connect. The first thing you need to do is disable the network connections on all of your effected devices (e.g. laptop and phone).

You can do this by turning off the wifi switch on your laptop and enabling Airplane Mode on your Nokia phone. Once you have done that you can still boot up the devices and the hackers will not have access to them. It is from this point that you start sanitizing the devices. So lets start with your laptop and your external drive.

1) The best recommendation here is to take it to a computer service center like Geeksquad. Before you get upset with this recommendation allow me to explain. This is because they will have the tools to safely scan your laptop and external hard drive. They can also backup any uninfected files and do what is called re-imaging of the hard drives. This essentially is wiping your computer and external hard drive clean and from there they can reload the operating system and any of the uninfected files from the backup. This will address your laptop issue. Additionally to address your deleted files they can runs forensic recovery software that will scan the laptop for any deleted files. When files are deleted they can generally still be recovered if the slack space or opens space of the hard drive has not been wiped. When you delete files you are essentially freeing up the space on the hard drive where that file resided until a new file overwrites that now open space. This means that with the right recovery software you can recover deleted files that have not been written over yet. Now if a slack space wipe has been performed you will not be able to recover any deleted files. That is because the slack space wipe writes over all of the open space on the hard drive where any deleted files previously resided.

2)Now lets look at your phone issue. Just like with your laptop you need to disable the network connection. You do this by enabling Airplane mode. This will allow you to turn on the phone but it will not connected to the cellphone network or wifi signals. Here are the instructions for enabling the Airplane Mode:

Once that is done you can perform a factory reset of the phone. Here are the instructions on how to perform the factory reset:

3) The next issue to tackle is your MS account. Given that your phone is a Window phone I imagine you have a lot that is tied into this one account. To do this you need to go to the page below and click the option for "I think someone else is using my account":

Then you will get a drop down menu where you can select the "Other" reason and explain the issue. This is how you have to get in touch with MS support so you can recover your account.

4) Now you must work on recovering each of your other accounts. This can be a bit of a process as each provider will have their own steps required for hacked account recovery. Below I have provided information for a few of the most popular types of accounts:

The first thing you need to do is gain control of your primary email account associated with your other accounts. Once you do that you can follow password ***** steps for those other accounts.


You can do this by going to the following link and following my instructions below:

For Topic 1 choose: "Password ***** sign in"
For Sub-Topic 2 choose: "Change password"
For Recommended Options 3 choose: "Email"

This will take you to a Yahoo customer service email contact form. Fill out all of the pertinent information and Yahoo will contact you to help resolve the issue.


Please go the following link:

1) Click on "I don't know my password."
2) Type in the email address and hit "Continue"
3) Enter the captcha code and "Continue"
4) Next page where it asks you to enter the last password ***** remember, hit "I don't know."
5) Next page it may display a secondary email address attached to the account. If you do not recognize the secondary email account, below the "Continue" button in small text click on "Verify your identity" which is in blue text.
6) Then it will ask you for an email address they can use to contact you. Type in your email address and "Continue"
7) Then continue with the verification questions.

Option #2
Go to the following link:

Follow the instructions under "Contact Customer Support."

You will notice the first item is to fill out their online support form. After completing the form they will open a support ticket and you will receive a ticket number which you didn't previously have.

Then you can call them using the numbers they provide in the second step.




Dropbox recover deleted files:

You are going to want to do all of your account recovery work from an uninfected computer (e.g. computer lab or library computer). Please understand that this is a complex issue with no simple solution. It will take a lot of work. The last thing you need to do is is reconfigure your wifi router. If your password ***** your wifi network has been changed, you can press and hold the reset button on the router and it will reset it back to factory out of the box settings. From there you can set up and secure your network again with a new password.

Best of luck to you.