While monitoring the traffic from my laptop using fiddler2, I found a lot of traffic trying to access /cp01/zen.php and /bin/orahxa.bin. The server address will be something like: deecohngahphichaehaethoo.com, mmnm45lncxvj4lnzdmbs44jn.cn, llakjshbeyrv3421jbs88xc.com. It seems it is a random url.
I have scan my drive using McAffe scanner, but it did not find any virus or anything, and my scanner is up to date.
Does anybody know how to remove the suspicious url? I have been adding the IP of the server to the "Banned IP" list, but I don't think I can keep up.