I am really pleased with Threatfire. I use it to complement Sandboxie, as a few of you already know. I always keep it at Level 5 since I do not use any other realtime protection such as Avira, Avast, AVG, Norton, Kaspersky, etc. Threatfire at level 5 is a whole other animal than it is at level 3. Novice users might prefer level 2 or 3 when running it along side a real time AV. I like level 5 because it is not only an aggressive behavior blocker, but it acts like a software firewall as well. When Windows updates XP, I know about each little behind-the-scenes activity. It is no different when Dr. Web wants to extract scan statistics from my usage of their product; Threatfire informs me of PUP(s) and then is capable of blocking that action. I feel like anything that runs in the background will be exposed with Threatfire AV at level 5. That is the piece of mind that I pursue incessantly, yet not obsessively.