How about instead of letting an unknown file run, you give the option to run the program in a sandboxie. It could be called S.A.N.D. (Symantec’s Advance Neutralizing Detection) Barrier.

Whenever an unknown file is downloaded the user will be given the option to run program in S.A.N.D. Barrier instead of just letting it run. The program will be able to run but it will be limited on what it can do so even if it is malicious it can’t do any damage. The program/file will be analyzed by sonar and all of Norton’s tools to determine if the file is safe or not. If the file is safe it will be put on the system without the barrier and if it is malicious it will be easily removed.  Doing it this way will make sure that unknown files can’t do any harm and can be monitored to see if they should be trusted or not.