Winsetup.exe is a hidden executable file that come to me in a USB memory device in a hidden folder named Temp that points to your recycler bin. Avast don’t detect it yet. I will sent a sample.
Other antivirus detects it as:
CAT-QuickHeal - (Suspicious) - DNAScan
eSafe - Suspicious File
McAfee-GW-Edition - Heuristic.LooksLike.Worm.Palevo.B
Rising -Trojan.Win32.DangerGL.a
Sophos - Mal/EncPk-IY
TrendMicro - PAK_Generic.001
VBA32 - suspected of Malware-Cryptor.Win32.General.3
Send the sample to virus@avast.com zipped and password protected with the password in email body, a link to this topic might help and possible undetected malware in the subject.
Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t already in the chest) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.
Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.
Flash Drive Disinfector
Information and Download Flash_Disinfector.exe by sUBs from >here< and save it to your desktop.
[*] Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.[*] The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.[*] Wait until it has finished scanning and then exit the program.[*] Reboot your computer when done. Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don’t delete this folder…it will help protect your drives from future infection.
I found the PC who infected my USB Pen drive and found the infection process, named sysdate.exe that resides on recycler folder with hidden and system file attributes. This process creates the winsetup.exe