cancel
Showing results for 
Search instead for 
Did you mean: 

What is “JTI/Suspect.131328” from McAfee?

Using McAfee Endpoint Security 10.6 on Windows 10 it is the second time I got the:

warning.png

Warning.

I cannot find anything related to it while Googling around: "JTI/Suspect.131328"

The question: is this a false alert? Or not?

1 Reply
Highlighted
Reliable Contributor ninov_n
Reliable Contributor
Report Inappropriate Content
Message 2 of 2

Re: What is “JTI/Suspect.131328” from McAfee?

Hello,

Such events sometimes could be addressed as False-Positive but it depends on the exact threat details:

Similar detections

You can find some additional details in below article:

How to identify what rule corresponds to an Adaptive Threat Protection and Threat Intelligence Excha...

JTI means that it comes from a reputational/behavioral check of that scanner part of Adaptive Threat Protection.

If you share all details of that threat event, we can take a look and find out what exactly happened.

Most probably CMD executed suspicious/malicious command within the System32 folder which is important system storage.

In case above information was useful or answered your question, please select "Accept as Solution" in my reply, or give a Kudo. Thanks!
Nino

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community