Whilst running as such is always a good idea, as I suspected it does not prevent malicious code from executing. At least 4 of the latest M$ 'patch tuesday' XP patches are to close vulnerabilities that would still execute even on a non-admin account. The serious hackers are, I suspect, well over that little hurdle.

Caveat emptor.