LabWindows/CVI

cancel
Showing results for 
Search instead for 
Did you mean: 

"Windows protected your PC"

I am not a Windows programmer, but I do get to maintain a huge LabWindows PC host program. When we run an installer we built, we always get:

 

Windows protected your PC

 

I did not find that term when searching NI.com of the forums, and general web searches reveal hundreds of articles on how to turn off that message 😉

 

I expect there is some kind of Microsoft program you subscribe to and get some kind of ID certificate or something? Is this something LabWidnows (we use 2017) supports?

0 Kudos
Message 1 of 5
(1,489 Views)

Sounds like an antivirus to me...

0 Kudos
Message 2 of 5
(1,351 Views)

Agreed - sounds like "Windows SmartScreen" interfering. More details here:
https://www.minitool.com/backup-tips/windows-protected-your-pc.html

 

I'm not as familiar with that one, but we've found that other AV software uses whether the top-level setup.exe \ install.exe is digitally signed as a clue to whether something is malicious or not. As such, besides disabling SmartScreen, digitally signing the setup.exe \ install.exe would be my first suggestion. 

I don't recall if the CVI installer builder has installer signing (it would be in the Advanced section if so), but you can also manually sign the install.exe after the deployment is built. Regardless if CVI can sign for you or if you use the Microsoft sign tool - you do have to buy a certificate, but it's quite doable (example here).

0 Kudos
Message 3 of 5
(1,323 Views)

Correct. And the question is what is involved with making a signed app, so folks can run them without having to bypass security settings. (For many corporate environments, they simply cannot install and use our program due to this.) I would "assume" any program compiler could be made to generated signed code, so I expect it is possible with LabWindows -- but alot of LW looks really old so I don't know if the core predates all this.

0 Kudos
Message 4 of 5
(1,321 Views)

Confirmed - the CVI deployment utility does have the ability to sign the installer - it's in the advanced section. You do have to provide your own certificate, but how to get one is searchable.

WesW_0-1706297125605.png
If you're using an older version of CVI that doesn't have this signing capability, or you just want to sign a CVI-built EXE - then you can sign the EXE after it's built using the Microsoft signtool mentioned above.

 

0 Kudos
Message 5 of 5
(1,298 Views)