I almost died of frustration until someone saw the light... Let me put it this way: I very much appreciate User Account Control and the other features that go hand-in-hand with the system; such as protected mode, file and registry virtualization, etc. I think the way User Account Control is implemented in Windows Vista and 7 is fine, but the two big things I would really push Microsoft to change are: 1. The text of a UAC prompt and help file documentation. I think Microsoft needs to stop babying people and making UAC prompts read like just another "are you sure" dialogue box. It should say, "Do you want to afford this program administrative rights?", followed by a description something like: "If you were not attempting to install or run the intended function, please click NO." A little user education can go a long way. Forgive me for having faith that people can learn; after all, that is my field of study. 2. The slider bar granularity is of questionable use. They need to make the slider more useful. The top should still be "Always On" or the "classic Vista" setting, but they need to improve the other settings. They should indeed make one setting preset in which it is tweaked to be silent. And, I previously read some other folks disagreeing with how Microsoft implements the "Windows functions" being whitelisted for the 3/4 setting. That indeed could be improved as well. The bottom line: If User Account Control is annoying you, it is because you are running it on an administrative user. If you were running on a standard user, which you most certainly should have been doing since the XP days in the first place, you would be loving UAC more than an all you can eat buffet. I'm sorry to say that I cannot believe there are so many that still don't understand this concept (or perhaps they would rather argue it to justify their security setup) here on Wilders, but it is a proven fact that failing to embrace the concept of least user access can and will eventually lead to security problems. Yes, some malware can run fine without administrative privileges, such as rogue security solutions. These threats are best mitigated with policy restriction or other forms of whitelisting which can also be done in Windows. But, a lot of nasty stuff out there needs administrative privileges to do its harm and damage your operating system. A lot of the malware that aims to attack Windows itself can be circumvented by least user access. Also, as I have said before, running full time as an administrator puts your other layers of security at risk, especially antivirus programs. It is common sense that malware will try to disable or tamper with security software in its opening move, (mechBgon's words). Furthermore, those relying on the self-protection built into some security solutions shouldn't place all their confidence in that ability. When malware tries to attack the security software, it can end up being a never ending battle of "YOU START I CLOSE YOU START I CLOSE" until the system crashes. (Rob Koch, MCC at Microsoft Answers, enlightened me on some of the risks of relying on self-protection modules). The best self-protection, therefore, is least user access and reducing attack surface to begin with. There really is no argument. You are less safe if you are running full time as an administrator. The Admin Approval Mode is designed to allow people to run as an admin and make it reasonably safer, but it is still recommended to run as a standard user. If you are worried about the prompts, and you turned off UAC, you can set up a standard user account for guests that are ignorant of PC security. That way, they won't get prompts; they'll just get access denied. Of course, they would have to know your password to answer "yes" to a UAC prompt, so that really is a non-issue to begin with. You'll have to forgive me, but to me it is the definition of insanity to have someone scrape their Windows Vista or 7 down to bare-bones, disable UAC, and then install Sandboxie, anti-executable, antivirus, behavior blocker, HIPS product, etc etc. People that load up like that must realize if they took the time to correctly utilize some of the built-in functions in Windows first, much of that would be unnecessary. Additionally, that other stuff you run would be better sealed from tampering due to any malware installing being denied admin privileges. Not to mention, installing all that 3rd party security software has side effects. Any time you go beyond the minimal effective dose, you get side effects. Now I am not knocking any of those products specifically. Heck, I use and am in love with Sandboxie and have been for years now. I am a huge advocate of Sandboxie. But the reality is, it is an added layer of protection for me. I chose to pay a bit more for Windows up front and receive the benefits of having access to group policy editor among other features, and getting to specifically define rules for what can run and what cannot run on my system. The primary intent of this thread for me was to educate, but the reality is, people just don't care. UAC represents an inconvenience for them, even though in all respects it is a convenience, since now they can run as an administrator and be generally more safe if they are willing to use half of their brain. I don't know why, but I have become very passionate about issues like this over the past year. To borrow a phrase from Al Gore, this is an inconvenient truth.