Auto-Protect and ''hidden protected operating system files''

 (Although this happened with N 360, it shares the same engine so I'm opening the thread here for better exposure. Mods, could you please let it stay here?)

 

Today N360 cleaned a USB stick I carried home from work. It cleaned an autorun.inf file and two Trojan.Horse executables, one in the root of the stick, one in the notorious (and on a USB flash drive, unnecessary) hidden RECYCLER folder.

 

However, something happened later that I think I've noticed before, but haven't bothered to write about it yet.

 

After the initial cleaning, I unchecked the 'Hide protected operating system files' option in Explorer (Folder and Search Options).

 

Inside the hidden RECYCLER folder there was another one, a ''system hidden'' folder with a recycling bin shell icon. As I proceeded to erase it, N 360 then 'noticed' another malware executable from the Hacktool.Flodder family inside that folder and erased it.

 

The interesting thing here is that Auto-Protect 'saw' this file only after I had made it visible to myself.

 

There have been many cases here on the forums where pieces of malware 'evaded' the antivirus engine. Could this be the reason - that Auto-Protect doesn't seem able to see inside a 'system hidden' folder unless the user has opted to make it visible in the shell?

 

I didn't have the opportunity to check this, but the scanning engine doesn't have this 'disability', right?

Message Edited by TomiRed on 04-28-2009 06:24 PM
Message Edited by TomiRed on 04-28-2009 06:44 PM