I am the de-facto support for our shared family PCs. I am looking for ways to secure these machines from the "click of oops", bearing in mind that my users are not technically inclined. What we have now: Windows XP, patches kept up to date. One machine uses limited user accounts, the kids machine does not because some of the older games require admin privileges. Avira Free ThreatFire Free Firefox with NoScript, and DropMyRights is used for non-limited user accounts. ZoneAlarm Free for phone-home checks Router with default firewall rules, no inbound allowed DiscWizard images created periodically MBAM & SpyBot S&D for immunization and on-demand checks. It is not entirely clear to me how vulnerable this might be to drive-by downloads, e.g. by visiting a dangerous web site from a Google search. I have been lurking in these forums for some time now, so I know that many people like sandboxes and/or HIPS, but I am not sure that those applications are suitable for my target audience (I'm sure they're great if you know what is going on, but for casual users I would be worried about the "hey where did my file go?" or "what does this pop-up mean?"), so I have been looking at web/url shield type apps. I did some testing in a VirtualBox VM using the "Virusremover2008" url that was refrenced in the "browser defender" thread. What I found was: Brorwser Defender did not identify the site as being malicious, either in the search results or when I went to the page. Finjan Securebrowsing - no reaction, same as above. Haute Secure: I did not see any site ratings in my Google search, and HS did not complain when I visited the site. I like the idea behind HS, but I'm not sure if it is working as advertised... Avast! blocked the URL from loading. AVG Free 8 "safe search" did not flag the web site, but visiting the site generated a pop-up from the surf shield that a malicious script was found on the page. I am considering replacing Avira on the kids PC with either Avast or AVG8 to get that extra layer of URL scanning/blocking - is that a false sense of security, or is there real value in the web/surf shields?