This is a bit offtopic, I wasn't sure whether to post it in this thread.

Creating small programs has never been easy lately due to the suspicions of antivirus software, but it has recently become much more challenging with the inclusion of Windows Defender in the arbitration process, bypassing the supposed good judgment that the antivirus installed on the system might have.

Is this Microsoft sabotaging itself? Perhaps they're trying to tell us to migrate to Linux to do these things?

Has anyone else had these same thoughts?

Can Windows Defender be set up to ignore a directory with all sub-directories?
I usually do that for my development directory, but I use the different AV system.
It always works for me, because all my projects (C, FASM, Python, etc.) are in one root directory: C:\Projects.
Also, good for backups.

I add exclusions for everything.

AVs in general are hopeless IMO. We get too many false negatives and false positives, and it just wastes time.

But that doesn't help when sending code to others that will have all the AVs installed to keep themselves "protected". And there isn't a proper solution. We just have to try to educate the customers as best we can. Fortunately for us we deliver full source code so it is an easier path.

There is an option to get a signing certificate from MS and go through all the process of that, but it is very onerous and expensive, and ultimately puts MS in control, which we rejected as a "solution".

Sure. And it gets tougher as it goes on. It often takes the initiative and deletes files before even asking. I also had to add some exclusions so I can get my local work done smoothly.

This must be a desperate attempt by Microsoft to get us to switch to Linux

Spot on revolution. I’m questioning how many people who downloaded my small interpreter actually took the extra step to turn off real-time protection or jump through the hoops Windows sets up. Some tech-savvy users will definitely go for it, but I expect they’ll be a small minority.

This is puzzling. The program I was working all day yesterday without issues, yet I am suddenly seeing this today. What is the name of this suspicious program....FASMW.EXE

Lets see what AI has to say about it:

Βased on the information provided, FASMW.EXE is likely a false positive (a harmless program incorrectly flagged as a virus by antivirus software) rather than an actual malicious program.

I thought so

Haha, asking a useless "AI" to comment on a useless "AV" result? I'm not sure which is less trustworthy, the AV or the AI.

Hmm... useless AI got it right!
Well, a broken clock is right in 1/720 of cases.

The useless AI answers based upon how the question is posed. Ask the question in a different way and get a different answer.

Use Add-MpPreference in an elevated PWSH session so it's scriptable and reproducible across machines:
Signing your outputs
A self-signed cert won't help with Defender's reputation system (SmartScreen), but it separates the quarantine trigger (heuristic AV) from the reputation trigger (SmartScreen). They're distinct engines and sometimes people conflate which one fired.

Defender Attack Surface Reduction (ASR) rules
If you're on a managed machine or have accidentally enabled ASR rules, some of them specifically block "executable content" creation from unusual processes — this can catch assemblers even with exclusions in place. Check: ASR rules override folder exclusions in certain configurations. You'd need to either disable the relevant rule or add a per-rule exclusion path.

Controlled Folder Access
Separate from exclusions — if CFA is enabled, it blocks writes to protected folders regardless of AV exclusions. Check and add your dev folder:

Longer term: Windows Sandbox or a VM
Keep your dev environment inside a Hyper-V VM or Windows Sandbox where you can disable Defender entirely without touching your host policy. The toolchain lives there, outputs get copied out. Overkill for casual use but eliminates the cat-and-mouse entirely.

The exclusion approach is genuinely the right call here — it's not a workaround, it's the intended mechanism for developer toolchains. The awkwardness is just that Microsoft's defaults are tuned for end-user machines, not dev environments.

[This is the dev experience. The time and cost to create a seamless end-user experience is dismal.]

I recently had a major problem with my antivirus software. I kept getting a system freeze message and my computer would restart on its own. I didn't know what was causing it, and I barely had time to read the message; it happened once or twice a day, which was manageable. This was after a Windows 11 update. Shortly after, the system was freezing four or five times a day. I was able to see the message about the DLL file that was causing the freeze, and after searching online, I discovered it was the antivirus software I had installed. It seems that this antivirus checks the installed drivers, and something must have been wrong, causing the system to freeze. I tried several driver troubleshooting options without success. I couldn't uninstall the antivirus or restart in safe mode, so I decided to restore windows and some programs, except this av, of course. After some investigation, it seems that it all stemmed from a Windows update that was causing errors in the graphics card drivers. Not to mention the programs it blocks even if the installed antivirus program recognizes them as legitimate. Previously, Windows Defender would disable itself when another antivirus program was installed, but not anymore. Fortunately, it seems to have everything stabilized now

Best choice.

Just one more step to complete: Disable Windows Defender.

avcaballero
I am just curious, was the antivirus software free?
Or, you paid a yearly subscription?

I paid for it. I suppose it is not a secret. It's Avast. I had it because it originally offered a free version, but then I paid for it. You can search online for the system crashes it's caused. But I imagine it's not the only one. From what I've researched, the problem stems from Windows updates.

I see.
I have a paid Kaspersky Total Security.
And I am on Windows 10, so no updates for now.
My motherboard is too old to upgrade to Win 11.

What a lucky boy

Personally I use Lnux+Wine to developing Windows small apps. Moreover Wine+x64dbg runs smooth on Debian13. This makes Windows apps developing comfortable. I wrote it here because not every Linux distro host Wine+x64dbg pair without troubles.