Addressing NI Software Crashes/Hangs from Antivirus Security Software

Updated Jun 1, 2026

Reported In

Software

  • LabVIEW
  • LabVIEW Runtime
  • InstrumentStudio

Issue Details

I experience hangs, crashes, or unexpected unresponsive behavior when performing one or more of the following actions:

  • Running LabVIEW or a LabVIEW executable
  • Using NI Measurement and Automation Explorer (NI MAX)
  • Launching NI InstrumentStudio  
  • Opening the NI Hardware Configuration Utility
  • I am using the NI-DAQmx driver API with ANSI C, and when I run the application, the software crashes with error Exception thrown at 0x00007FFE4F561B96 (InProcessClient64.dll) in application.exe: 0xC0000005: Access violation reading location 0xFFFFFFFFFFFFFFA8.   
This issue appears to occur only when using my organization’s computer, which has SentinelOne® antivirus installed. How can I determine whether this software is the source of the crash?

Solution

Antivirus software can cause executables that are not properly flagged to hang or crash. This happens because the antivirus blocks the DLL calls of the executable when they lack a digital signature or have an unapproved digital signature. 
 
To help determine whether security software is causing the crash, you can attach a debugger to the application process. WinDBG is a great tool for this purpose, allowing users to obtain a dump file. You can refer to this related article:  Obtaining a WinDbg Dump File to Troubleshoot Crashes in NI Software.

Alternatively, in some cases, NI software automatically generates dump files after a crash. These files can be accessed by navigating to the appropriate folder, depending on the process that experienced the crash. For example, the following article explains how to retrieve LabVIEW dump files: Error Log File Location after LabVIEW Crashes.
 
When analyzing the dump file, look for processes or DLLs associated with antivirus or security software. For example, the image below, taken from a LabVIEW crash dump file, shows InProcessClient64.dll interfering with the execution of a LabVIEW application. This DLL is injected by SentinelOne® antivirus and has been observed to cause execution issues with some NI software.
 

sentinel one blocking DLL call

To resolve this issue, you can try the following options:

  1. Disable the antivirus software when using NI software or running any application that relies on NI runtimes or APIs.
  2. Contact your antivirus vendor and IT department for assistance with whitelisting NI software to prevent it from being flagged.
If none of the above steps resolve the issue, the software may have been corrupted by antivirus interference during installation. In this case, reinstalling the affected software after applying one of the options above may be required to ensure a clean setup.

 

Additional Information

Applications using the NI-IMAQdx driver or NI-Industrial Communications for Ethernet/IP toolkit may have their DLL calls flagged by Antivirus unless whitelisted. A LabVIEW crash when using the NI-Industrial Communications for Ethernet/IP toolkit with the following error description has been observed to be caused by the security software:

Version: 22.3.2f5 (64-bit)
Exception: Access violation (0xC0000005) at EIP=0x00007FFB54E4D8A9
Possible Cause: C:\Program Files\NI\LVAddons\nieip\1\vi.lib\ethernetip\ethernetip.llb\EthernetIP Tag Write SINT.vi

Related Links

Other Support Options

Ask the NI Community

Collaborate with other users in our discussion forums



Request Support from an Engineer

A valid service agreement or active software subscription may be required, and support options vary by country.