[moxy]

I'm not so sure. After becoming conditioned to having to click the "Allow" button over a long period of time, it might become rote for people to allow even the most detrimental processes (having become accustomed to UAC's paranoia). It seems likely that the average user who would be afflicted by such maladies (spyware, viruses, etc.) couldn't tell the difference between a malicious and non-malicious process.

Even if they could recognize these processes as dangerous, would UAC really do all that much to protect the computer? Although it does reduce the potential for damage, it doesn't inhibit one from acquiring a virus in the first place.

Of course, if a person is messing around with their own system files, I'm not sure how effective a warning box will be in preventing whatever it is that they're doing. UAC seems to be a textbook case of "security theater."

[kyochan]

It's not meant to be a stop all. It's designed so that users is notified what is being executed. For an average user, I believe if he does not know what it is, chances are he will press cancel, unless people have a lot of faith in processes they do not understand.

It's not perfect, but its better than the alternative. of friends coming to our house with their PC's having no idea what they did to it.