I run Sandboxie in my XP VM. The XP VM is a Sandbox (i.e, can kill the session with a simple x and recover from a saved snapshot in around 5 seconds.). I run Sandboxie inside my XP VM so that is what I mean by double-sandboxed. Every OS update or major update (a Sandboxie update for instance), I crash the session, recover from the last saved snapshot, and commence to install the updates or program, then I create a new snapshot. I know it sound paranoid and tedious but trust me when I tell you that I am pretty much immune to most attacks. I do run a rudimentary anti-trojan (not an anti-virus) program in my XP VM but it only quivered once and I laughed at it because of what I mentioned above. I'm pretty convinced (based on seeing way too many infected PCs since I use to have to repair them) that I came up with a more then fool-proof method for protecting my system, and after nearly 4 years (and only infected Media Militia site tried to do a drive by attack; got all my skulls clip-art from that site and a few other brushes too. I of course laughed at that situation and recovered in around 5 seconds to 10 seconds) I've yet had anything that I was not able to simply recover from in mere seconds. Setting up VMs as Sandboxes for personal protection is the only way to protect your system period Rod. Any other protection is just a false sense of security. Of course this method still relies on a firewall and XP's firewall has been more then adequate for my needs. I do have my Win7 OS protected with MSE and it has a good 2 way firewall but the only time I really worry is the few times I go online to get a G'MIC updates, or check for Photoshop updates or click on the go to website options in the various programs that I run in Win7.