What to do when antivirus software identifies a Reliance program file as malware

February 1, 2025

Antivirus software programs use various methods to identify malware. Sometimes, however, malware is indicated incorrectly (false positive).

False positive

Unfortunately, this error sometimes occurs even when an executable file – a file with an .EXE (.DLL, etc.) extension – is signed with a digital certificate from a trusted certificate authority. The antivirus program should verify the validity of the certificate and the signature time stamp and decide on trustworthiness accordingly. All Reliance executable files are signed – including a time stamp – with a certificate from a trusted certificate authority. Currently, DigiCert is used as the certificate authority.

The probability of a false positive may be higher if the executable file is – by special software – protected against unauthorized changes (the so-called cracking), software piracy, and, particularly, reverse engineering. Protection through a special software tool will help, among other things, prevent the disclosure of sensitive information (this may include passwords, keys, and other secret information). It is obviously desirable to apply this protection to software as important as SCADA systems.

What to do when detecting a malware infection

A temporary solution may be to add the Reliance file folder to the exceptions of your antivirus program. The antivirus program should then ignore the program file.

Next, follow these recommendations and take the appropriate steps:

• Use the latest version of your antivirus software.
• Use the latest virus database for your antivirus software.
• Use the latest version of the Reliance system.

If none of the above steps help and the malware detection persists, follow these instructions:

Make sure the file is actually signed with a certificate. If it's not, it may have been compromised by a third party (attacker) and is not a false positive. In such a case, purchase the original Reliance installation package.

Digital Signatures

Digital Signature Details > General

Digital Signature Details > Advanced

Certificate > General

Test the suspicious file with another antivirus program. There are plenty of free ones on the market that are available for download. If you do not want to or are unable to download and install another antivirus software program, you can use one of the online versions of antivirus programs, such as VirusTotal. Upload the suspicious file to their Web page and check if it is OK. If something is wrong with the file, please contact the Reliance technical support team (support@reliance-scada.com). If the file is fine, it is most likely a false positive error reported only by your antivirus program. If that is the case, report the false positive error to your antivirus vendor. The vendor should acknowledge the error, fix it, and – in the next version of the antivirus program or virus database – no longer declare a false positive.

How to report a false positive to an antivirus vendor

This is done differently for each antivirus program. Choose an antivirus software program from the list below and see their method of reporting.

You can also use VirusTotal's alternative list.

Tip:

Haven't found what you were looking for? Use this form to inform us about it.

Related links

Example projects

Technical articles

Video tutorials

Try the Reliance SCADA system right now!

Try the Reliance SCADA/HMI system on several sample visualizations.

Try the Reliance SCADA/HMI system on several sample visualizations or download the trial version installer to your computer for free.

Download

Try