Hi, I had an old give away lisence of BufferZone (simular program as Sandboxie) When I tried it I found that it slowed down start of sandboxed application to much. On my XP Pro I run all internet facing programs as Basic User (LUA). You can do the same with PGS of Sully. I have a deny execute SRP on my user space. I have Trusteer Rapport protecting IE8 and run Chromium sandboxed in BZ. BZ has this nice feature of sandboxing automatically newly downloaded executables and scripts. When I download a program with IE8 it is marked as sandboxed by BZ. So for dodgy browsing I have Chromium's internal policy sandbox with application virualisation as second safety net with BZ. Forst starup of Chromium is real slow, consequetuve startus are real fast. So on second thoughts I really like BufferZone, so it is a crossover of what Comodo FW CIS4 (only FW of BZ works within the sandbox, not on trusted aps) and Sandboxie.