Windows Defender Real-time protection cripples server while Docker is running

Hello everyone,

I have the following problem, which is somehow impeding the progress I make while working with Docker for Windows.

Whenever I have Docker running and several containers up, the server gets very slow to the point of responsiveness, with the Antimalware Service Executable from the Windows Defender Service taking up almost all available resources.

I have already tried excluding the following folders and executables from Windows Defender in the Windows Settings (Settings > Updates & Security > Windows Defender > Add an Exclusion):

  • [My docker working directory with all the Dockerfiles, docker-compose.yml, etc.]
  • C:\ProgramFiles\Docker
  • C:\ProgramData\Docker
  • C:\ProgramData\DockerDesktop
  • Docker for Windows.exe
  • DockerWatchguard.exe
  • dockerd.exe

However, Windows Defender still continues to claim enormous amounts of resources as long as the Real-time protection option is enabled.

Is there anything I can do about this short of disabling Windows Defender Real-time protection?

Any advice or insight would be greatly appreciated.

Thanks in advance,
Cheers!
Kira
=^,^=

I am having the same issue.

You might want to try to exclude %USERPROFILE%\AppData\Local\Docker\wsl\, for instance c:\Users\meyay\AppData\Local\Docker\wsl\

I had a similar scenario though my docker containers were windows containers rather than linux containers and I was executing them through Jenkins. In my case, I had to add “node” and “node.exe” to my exclusion list even though node was running inside my container.

I discovered which processes to add to the exclusion list by running the Microsoft Defender Performance Analyzer (Performance analyzer for Microsoft Defender Antivirus - Microsoft Defender for Endpoint | Microsoft Learn).

Once run and analyzed, it was clear that Defender was scanning all the files that node was writing to the yarn cache, even though it was all happening within the container. This slowed down the writes so much that yarn install failed with a network error (this is a known issue in yarn v1).

Adding node and node.exe to the exclusion resolved the issue in my case.

Long story short: Try running the Performance Analyzer for Microsoft Defender to identify which processes you may need to add to the exclusion list.

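The Performance Analyzer workflow described in the last reply, as an added example that is not part of the original posts. The trace path and the 120-second duration are assumptions; the exclusion candidates are the ones named in the thread and should only be added if the report actually shows them at the top.

```powershell
#Requires -RunAsAdministrator
# Added example, not code from the thread. Run on the Docker host while the
# slow container workload (e.g. a yarn install) is in progress.

$trace = Join-Path $env:TEMP 'defender-docker.etl'   # assumed output path

# 1. Record Microsoft Defender Antivirus scan activity.
#    120 seconds is an assumed duration; cover at least one full slow operation.
New-MpPerformanceRecording -RecordTo $trace -Seconds 120

# 2. Show which processes, files and extensions cost the most scan time.
Get-MpPerformanceReport -Path $trace `
    -TopProcesses 10 -TopFiles 10 -TopExtensions 10 -TopScans 10

# 3. List the exclusions already configured, to compare against the report.
$pref = Get-MpPreference
'Path exclusions:';    $pref.ExclusionPath
'Process exclusions:'; $pref.ExclusionProcess

# 4. Candidates named in the thread. Edit these lists to match what the
#    report shows before running this step.
#    A process exclusion stops real-time scanning of files that process opens,
#    so keep the list as short as the report justifies.
$processCandidates = @('node.exe')
$pathCandidates    = @("$env:USERPROFILE\AppData\Local\Docker\wsl")

foreach ($p in $processCandidates) {
    if ($pref.ExclusionProcess -notcontains $p) {
        Add-MpPreference -ExclusionProcess $p
    }
}
foreach ($p in $pathCandidates) {
    if ($pref.ExclusionPath -notcontains $p) {
        Add-MpPreference -ExclusionPath $p
    }
}

# 5. Re-record under the same workload and compare the two reports to confirm
#    the exclusions removed the hot spots.
```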