I might be asking something too much here but here goes... Lets say I download a program off the internet and scan it. I scan the file with A-Squared, Prevx, and MBAM, all say its clean. I even go as far as to upload the .exes and the .dll to virustotal, all report back as being clean. This doesn't mean to say it is clean, it just means if it is malicious its unknown. How would you check to make sure its 100% clean? Would you run each app through a sandbox? Scan with a cloud-scanner and wait a few days? Run each app through a trojan analyzer like RegRun?