I am a Windows XP Pro user curious about the often recommended PC security strategy of doing the majority of your computing activity on a limited user account. Generally, this idea is logical because of the way Win XP works. As explained in Prevx's blog, if you accidentally install malware it can run on the same level as Prevx, potentially making it harder for Prevx (or any AV) to handle it. This makes sense, however: Using a limited account can be very inconvenient. Even software already installed can encounter scenarios in which they will not work. Also, if you decide to implement this strategy at a later date and have been using a single admin account and you haven't installed your programs for all users, this can be a frustrating dead end. My question, however is, why would someone absolutely NEED to use a limited account in this situation: - 100% internet browsing activity is done in a Sandboxie sandbox with administration rights dropped. - Any files downloaded are first downloaded into that sandbox, scanned with Prevx and other AVs, and once found to be safe to use, are installed. - Any other potentially unsafe applications on the computer that download form the Internet are evaluated first in a rights dropped sandbox. - Sandboxie forced programs and folders are enabled. No browser process can start outside the dropped rights sandbox unless given sole permission to. Any file opened in specified download folders is forced to run in a sandbox with dropped rights. I'm not seeing what more a limited user account would do for me other than cause me to be annoyed having to redo all my Windows settings, and reinstall tons of applications that I didn't check "install for all users" on.