A few days ago Kelly Shortridge, a product manager at SecurityScorecard detected some unexpected behavior on her PC, as a honeypot Canarytoken reported being accessed by Chrome.exe. That's not what you'd expect from a web browser normally, except for one thing -- Google did add some antivirus-y capabilities to its browser on Windows late last year as an enhancement to its Chrome Cleanup tool that can help reset hijacked settings. Google Chrome security lead Justin Schuh explained how the feature works and pointed to some documentation about it, and that was that -- until last night.
If you are hitting this issue and you want a fix right now then go to chrome://downloads in your browser, go to the menu in the top right, and select Clear All. That will clear Chrome's list of downloaded files so that it won't have any files to existence-check at startup. If you have a large list of downloaded files then this will improve startup time slightly.
It turns out the "AV scanning" wasn't that at all, and what it was doing could affect you right now. It turns out that Chrome is checking the integrity of downloaded files at startup, and a bug lead it to that particular folder. It relies on the Downloaded History list for this check, and if you have a lot of files in there, it could slow down your computer when you start Chrome. While the dev team is working to skip the check entirely in a future update, users worried about it can fix it by clearing their download history. Easy, right?