QUOTE(ChasLkb @ 18.12.2013 03:51)
I have 7 computers that kaspersky 8 has detected the Trojan-banker.win32.chepro.fsy
looks like it is coming from a google chrome update
they have been disinfected and have no file to send.
is this a false positive?
Please find the link for your reference only http://www.kaspersky.com/au/viruswatchlite...hour_offset=1.5
As Nikolay Arinchev suggest We need a sample to tell something definite, i will suggest you to perform the below steps.
Note:- isolate the system from the network and Turn off system restore option before you scan the system.
1) Open Kaspersky Antivirus Console
3) Custom Scan
4) Security level
6) and select Deep
Below mention are the steps how to turn off the system restore option.
Click Start, right-click My Computer, and then click Properties.
In the System Properties dialog box, click the System Restore tab.
Click to select the Turn off System Restore check box. Or, click to select the Turn off System Restore on all drives check box.
Click Yes to confirm that you want to turn off System Restore:
If nothing could be found in the system after perform the above steps please use the below mention tool to scan the system and generate the log file for further analysis.
Below mention link help you to understand how to use the virus removal tool and how to generate the log file.
Note: for further investigation all the below logs and tools are mandatory to run.
1) Virus Removal Tool (AVPTool) to scan the system http://support.kaspersky.com/avptool2011/start?qid=208284194
If the issue not resolve please send us the log files.
1) Get System Info (GetSystemInfo4) http://www.getsysteminfo.com/download/GetSystemInfo.exe
2) AVZ System Info (AVZ4) http://support.kaspersky.com/downloads/utils/avz4.com
Please do a scan with AVZ tool (http://support.kaspersky.com/downloads/utils/avz4.zip)
--Click "File"-"database update"
--Click standard scripts, check "
3. Advanced system analysis with malware removal mode enabled"
4. Collecting not recognized and suspicious files." and execute.
Then send us the "Quarantine" "Infected" and "Log" folders.
If you found some sample please submit the same on below ID
If any more questions, please feel free to contact us. we are happy to help you.