I found someone hacked into my machine. I ran Malwarebytes but it didn't detect any problem. I used netstat, and I think I found the rogue process, it was called: srchsot.exe. It had installed itself deep in the Windows\System32 directory (\windows\system32\mui\dispspec\Microsoft\). There was an install.bat file and srchsot.exe file in that folder. The install had installed registry keys to auto start when machine restarts. I killed process, delete those files, and associated registry keys. When the process was running it was connected to: h1915849.stratoserver.net:6667 . Below was the suspicious netstat output which helped me track it. TCP SAM-LAPTOP:3575 h1915849.stratoserver.net:6667 ESTABLISHED 4604 TCP SAM-LAPTOP:3586 v-client-5b.sjc.dropbox.com:https CLOSE_WAIT 5804 TCP SAM-LAPTOP:3588 sjc-not17.sjc.dropbox.com:http ESTABLISHED 812 Can you please update your database with this info?