My flash memory have a Malware. after I plugged it to my laptop I'm not able to see hidden files anymore. I tried these methods but I still can't change the radio button in folder and options from "Don't show the hidden files" to "Show the hidden files". 1)regedit.exe -> HEY_LOCAL_MASHIN\SOFTWARE\MICROSOFT\WINDOWS\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL. set the CheckedValue = 0x1. 2)~ . set the DefaultValue = 0x2.
PS: windows7 service pack1 is installed on my laptop.
It's entirely possible whatever malware your flash drive has infected your machine with is actively preventing hidden files from being displayed.
You would need to find a way to either neutralize the malware or use additional tools that interact with your filesystem on a lower level than Explorer does (such as GMER).
You might also have some luck with the command prompt, but probably not (make sure you use dir /a as you may have an attribs issue -- especially if the malware is related to FakeFrag/FakeHDD).
USB/flash memory malwares depend on the "autorun.inf" file to spread.
When you plug a USB into your computer, the AutoRun feature starts and an .exe file is started from it and infect your computer. After that, it infects all the mounted drives with the same method. Put a copy of itself in the root of all drives, along with autorun.inf file. Then, they disable "Show hidden files" from Folder Options, by editing the registry. Maybe also auto close, or disable, the Task Manager to prevent you from killing its process.
Even if you removed the infected file from the USB, and reformatted your C: drive and installed a clean version of Windows, it is still hiding in your other drives (D:, E:, etc.) and as soon as you open any of these drives after a clean install of Windows, you will get infected again.
Cleaning your computer while the malware is active is a bit tricky. If you removed the .exe+autorun.inf from an infected drive, then it copies itself again to the same drive. If you killed its proccess, it waits till you open one of the infected drives, and it starts again.
A quick fix for this kind of malware is to disable the AutoRun feature and/or install an application like Autorun Eater that will monitor, scan, and allow/deny autorun.inf when one is detected. Also, it lets you fix the Folder Options and Task Manger settings in the registry if they were being modified, and restore them to their original state.
