Correct me if I'm wrong, but I believe that file reputation checking is only for executable files. So if I download a ZIP file with an EXE contained within, it doesn't get checked. Or perhaps Norton looks into the ZIP and checks reputation of included executables?