Trend Micro, the antivirus vendor has identified suspicious URLs which appear to be hosted on legitimate sources such as, Facebook and Google domains that promote a malicious file called ChromeSetup.exe. This file has nothing to do with Google’s Chrome installation but is simply an information-stealing Trojan application and is offered for download on various websites!
An analysis of the file ChromeSetup.exe was carried out by Roddell Santos and Roland dela Paz, threats analysts at TrendMicro which concluded that the malicious file is a multi-component BANKER malware detected as TSPY_BANKER.EUIQ.
Read more here – http://blog.trendmicro.com/info-stealer-poses-as-google-chrome-installer/