bkiller10 Posted May 5, 2020 Report Share Posted May 5, 2020 (edited) HI I made a python app based on a python.py script and made it into an executable with pyinstaller, but immunet detects it as the following threat Clam.win.trojan.PoetRat-7669676-0 Should I be worried or is this a false positive. As I said, I made the script and the executable with official source libraries, so I just want to know if this could be just a false positive. It's an industrial application so I can't share it. I've seen PoetRAT is related to industrial data like my app is, did that proc the alarm? Edited May 5, 2020 by bkiller10 Quote Link to comment Share on other sites More sharing options...
ritchie58 Posted May 6, 2020 Report Share Posted May 6, 2020 Hi bkiller10, Have you tried to use the Quarantine Restore feature for the script? If successfully restored from Quarantine that will automatically move the file to the Exclusion list so it will no longer be scanned. I would also suggest you report this as a False Positive to the Immunet devs and since it's also a ClamAV detection to contact the ClamAV support folks at these URL's Immunet Support: https://www.immunet.com/false_positive ClamAV Support: https://www.clamav.net/reports/fp Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.