bkiller10 0 Report post Posted May 5, 2020 (edited) HI I made a python app based on a python.py script and made it into an executable with pyinstaller, but immunet detects it as the following threat Clam.win.trojan.PoetRat-7669676-0 Should I be worried or is this a false positive. As I said, I made the script and the executable with official source libraries, so I just want to know if this could be just a false positive. It's an industrial application so I can't share it. I've seen PoetRAT is related to industrial data like my app is, did that proc the alarm? Edited May 5, 2020 by bkiller10 Quote Share this post Link to post Share on other sites
ritchie58 442 Report post Posted May 6, 2020 Hi bkiller10, Have you tried to use the Quarantine Restore feature for the script? If successfully restored from Quarantine that will automatically move the file to the Exclusion list so it will no longer be scanned. I would also suggest you report this as a False Positive to the Immunet devs and since it's also a ClamAV detection to contact the ClamAV support folks at these URL's Immunet Support: https://www.immunet.com/false_positive ClamAV Support: https://www.clamav.net/reports/fp Quote Share this post Link to post Share on other sites