Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/

Thank you for your understanding.

Bitdefender's Advanced Threat Defense Keeps Blocking "whoami.exe". What To Do?

Options
BPTacoDefender
BPTacoDefender
edited January 2023 in Protection - Malware/ Firmware/etc.

Bitdefender's Advanced Threat Defense keeps blocking "whoami.exe" and is doing this every 4 minutes throughout today. The software states that whoami.exe is blocked and disinfection successful but I keep getting this every 4 minutes.

Please advise. Thanks.

Best Answer

Answers

  • Alexandru_BD
    Alexandru_BD admin
    Options

    Hello @BPTacoDefender,

    Based on your description of the situation encountered, I would recommend contacting the Technical Support Teams, as more information might be required to troubleshoot this. You can get in touch with our engineers by choosing one of the contact methods available here:

    https://www.bitdefender.com/consumer/support/help/

    I don't think we will be able to resolve this on the forum, because we don't know exactly why the notification behaves this way and what whoami.exe is doing. The engineers may also request logs from the device for accurate diagnosis.

    Regards

    Premium Security & Bitdefender Endpoint Security Tools user

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    Options

    Additionally, whoami seems to be a legitimate microsoft windows file.

    More information can be found in below stated link

    https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/whoami

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Sharcs
    Sharcs
    Options
    https://community.bitdefender.com/en/discussion/comment/320656#Comment_320656

    I just had the same file blocked by Bitdefender. Here are the details:

    The notification says:

    Application whoami.exe has been detected as potentially malicious and was blocked.

    Application path: C:\Windows\System32\whoami.exe

    Command line parameters: whoami

    Detection ID: SuspiciousBehavior.7E4BD9AB7C59C8B

    The file was blocked while I was installing Wordpress on a local server. The local server uses XAMPP.

All Time Leaders

Categories

Defenders of the month