Last week I was testing Norton IS Beta 2011. I download a trojan from MDL to see how long it would take to become detectable. Simple test really. I must point out the file was never executed. Today Norton has gone wild saying I have Banking.InfoStealer which was the bot.exe file I downloaded last week. However, Norton says the bot's activity includes several infected dll files within the system folder. I am not complaining about the Trojan, but if the file wasn't executed, how did it place these dll into my system32 folder? Does Norton execute such unknown applications for some kind of monitoring?