I made a second user on windows specifically for bticoins with a dif password and encrypted my wallet.dat and I only get on the user to manage my bitcoins,,,,,,seems good enough to me
You have no fear that a program ran as admin can get still get the file?
If I was a hacker, I would search the whole PC for a
wallet.dat file.
Maybe that's just me.