I have noticed a very slow first execution of my EXE on my PC. This was extreme when I copied the new EXE and DLLs into another directory (e.g. real data) and then executed the EXE. The waiting times were sometimes 8 seconds or longer. There was no more waiting time during the subsequent execution.
After suspecting the virus scanner, I have now finally found the cause of these waiting times, it is the SmartScreen filter from Microsoft. More precisely, it is the Microsoft Defender PUA Protection.
However, this can be configured or switched off.
->Security
->App & Browser control
->Reputation based protection
→ Potentially unwanted Apps blocking - Switch OFF
→ Phishing protection - Switch OFF
Everyone has to decide for themselves about the possible loss of security. But I find the waiting times when starting the programme annoying and I trust my AV software.
Hi Don,
thanks for the hint, but this is about the daily work with possibly 50 program changes or more, i.e. the 50 x 8 seconds for a slowed down first start of the EXE. I don’t think that 50 x code signing can save time here.
Weird, I haven’t ran into that on my dev machine. Might be a permissions problem.
FYI, more info on code signing (see number 7):
Digitally signing Windows executables offers several key benefits, particularly related to security, trust, and integrity. Here are some of the primary advantages:
Authenticity Verification: A digital signature confirms the identity of the software publisher or developer. When users download or install a digitally signed executable, they can be assured that the software comes from a trusted source and has not been altered by unauthorized parties.
Integrity Assurance: Digital signatures provide a way to ensure that the executable has not been tampered with since it was signed. If the executable is modified after being signed, the digital signature will be invalidated, alerting users to potential security risks.
Enhanced User Trust: Users are more likely to trust and install software that is digitally signed. Windows displays warnings when attempting to install unsigned executables, which can deter users from installing the software. Signed executables give users confidence that the software is legitimate and safe to use.
Compliance with Security Policies: Many organizations have security policies that require software to be digitally signed before it can be installed on their systems. This helps organizations prevent the installation of unverified or potentially malicious software.
Mitigation of Malware Risks: Malware often spreads through unsigned or tampered executables. By digitally signing executables, developers can reduce the risk of their software being used to distribute malware. Users and security software can more easily identify and block unsigned or suspicious executables.
Support for Code Signing Certificates: Digital signatures leverage code signing certificates, which are issued by trusted Certificate Authorities (CAs). These certificates provide an additional layer of trust, as CAs thoroughly vet the identity of the entity requesting the certificate.
Improved Compatibility with Windows SmartScreen: Windows SmartScreen, a security feature in Windows, uses digital signatures to help determine the reputation of an executable. Unsigned or newly signed executables may trigger warnings or be blocked by SmartScreen, while signed executables with established reputations are more likely to pass through without issue.
Legal and Regulatory Compliance: In some industries, digital signatures are required to comply with legal and regulatory standards. Digitally signing executables can help developers meet these requirements and avoid legal complications.
Overall, digitally signing Windows executables enhances security, builds trust with users, and ensures compliance with industry standards, making it an essential practice for software distribution.
Thanks for the tip about code signing, but that really wouldn’t change my problem.
Rick has clearly recognised this: it´s on my development machine and it’s the EXE I´m creating after compiling that is slow to load on the first run.
I didn’t have this problem on my previous PC, but now I do on the new super-fast PC with a whopping 24 CPUs the 50 x 8 second waits for the PUA check are annoying and I have found a solution for myself and I would be happy if it helps any other Clarion developer with the same problem to save time and nerves.
Btw: However, it is also possible that this time-consuming PUA check only takes place for newly installed Windows 11 versions, as is the case with my new hardware.