Google Chrome has been found to initiate antivirus scans every time it is launched causing a perceivable slowdown in system performance. The issue has been traced to the Chrome Cleanup Tool, an antivirus component built into Google Chrome that automatically scans browser hijacking points.
Kelly Shortridge, a product manager at SecurityScorecard found out that Chrome was running antivirus scans quietly on a non-system folder.
I was wondering why my Canarytoken (a file folder) was triggering & discovered the culprit was chrome.exe. Turns out @googlechrome quietly began performing AV scans on Windows devices last fall. Wtf m8? This isn’t a system dir, either, it’s in Documents pic.twitter.com/IQZPSVpkz7
— Kelly Shortridge (@swagitda_) March 29, 2018
This is a result of a bug in the Chrome Cleanup Tool (CCT), which actually runs ESET's virus detection technology in Chrome's sandbox. The CCT, which was rolled out to Google Chrome users last October, helps restore a hijacked browser and reset hijacked settings. The checks should occur on previously downloaded files but apparently, the bug has moved the checks into the startup path causing delays in launching the browser.
Google's security lead, Justin Schuh, advises users to clean up the list of downloaded files as a temporary workaround. He said,
If you are hitting this issue and you want a fix right now then go to chrome://downloads in your browser, go to the menu in the top right, and select Clear All. That will clear Chrome’s list of downloaded files so that it won’t have any files to existence-check at startup. If you have a large list of downloaded files then this will improve startup time slightly."
A bug report has been filed and will be addressed in an upcoming update to the browser. Till then, clearing the downloads list can help prevent the scans from occurring at startup.