Hello everybody,
I would be grateful if you could help me to sort this out.
█ BACKGROUND (if you're curious) █
I purchased BitDefender and installed it on 2 PCs. The 2nd one is not the PC I use personally. The user is not very tech-savvy but is very prudent.
It got a virus a while ago (deceiving email showing a fake sender with the name of a real friend of the user, who fell for it and opened the Excel attachment).
I cleaned the PC, ran both the pre-Windows full scan with BitDefender and a full scan with all options ON under Windows after that. I also ran other scans with other products.
█ THE PROBLEM █
Every few hours (sometimes minutes), BitDefender keeps showing me notifications saying:
A malicious url was blocked on COMPUTERNAME
The device is safe.
Mar 19, 2022, 17:22
Malware
Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.
Blocked URL
https://wjecpujpanmwm.tk/
TONS AND TONS of such notifications. The problem is, nobody is attempting to visit this damn tk website! I open Chrome's history and I see entries that match the exact time of BitDefender alerts. Well, it's not that website! Sometimes the user simply opened LinkedIn, other times his email provider (email.it, a very popular and safe free email provider in Italy), sometimes even just Google for Google searches!
No other websites were opened at those times. No add-ons installed in Chrome (except for the 2 installed by BitDefender). I even completely reset Chrome, uninstalled, and re-installed it. As soon as I re-opened it, BitDefender recorded another event like that.
█ CONCLUSION (and question) █
Evidently, SOMETHING is trying to access that bloody https://wjecpujpanmwm.tk/ every few minutes/hours from the PC, but it is not the browser.
Why won't BitDefender also tell me WHAT actually tried to access that Malicious URL? Is there a way I can know?
Thank you!!!