Going off-topic, but this is security I have to explain clearly. It's my line of work.
Those Who Sacrifice Liberty For Security Deserve Neither. Benjamin Franklin
UAC is just asking you if you approve the action. It never stops you from saying yes. What on earth does liberty has to do with it?
Naturally, programs created before UAC's creation don't know how to ask for permission when they want to access protected files. That's why they will fail to function, and that's why there's the option to by default run a program as administrator, both in the shortcut and in the executable file property, and that's why I recommended installing old software outside of Program Files.
Sure its more secure, but having to dance everytime you open, write, play game, go pee can be a pain. Myself everytime i reinstall windows with UAC, disabling it is the first thing i do.
Vista's UAC is on the super excessive side, yes, we all know that. It is vastly improved in Windows 7 (
http://www.google.com.hk/search?q=Win+7+UAC+improvement&btnG=%E6%90%9C%E5%B0%8B+&oe=utf-8&rls=org.mozilla%3Aen-US%3Aofficial&client=firefox-a&safe=images). I've used both and in Win7 UAC only shows up when I'm changing system configuration, and won't be prompting multiple times for a single action.
UAC is a notification. Think of SMS/email notifications/multi-factor authentication in electronic banking. When a transaction is trying to withdraw money from your account. Would you consider those an annoyance, and would rather your bank stay silent and let everyone withdraw from your account as long as they can present your credit card no. + expiry date (which is dead easy to get - they just need to look at your card)?
Ive spent 9 month downloading game/torrents and going on half-safe website and didnt catch anything. If you know your computer and can use a bit more than common sense turning UAC is not a treat to your computer. Thats my point of view tho. If you dont know much technical on computer, you are better with it, if you know your way around computer and know how to detect potential malware/unwanted program running, you dont need UAC.
"Good" malware try their best to not get detected. They couldn't steal from you and use you as a breeding ground if they are detected.
You download software do you? Add-ons for browsers. Free utilities. Free games. Have you inspected their binaries, or source code if available, to confirm that they do not do anything they are not supposed to?
No? Then how can you be sure that they won't? Based on comments from anonymous people? What if the program in innocent, but it contains a buffer overflow that can be easily exploited to execute any code an attacker wants?
Virus shield? They only work on known patterns.
That's where UAC comes in. If a program is not an installer, it has no business changing registry and modifying files in protected locations. If a program is an installer, then a message is displayed to end user to let them confirm the program's identity (if signed or not, publisher details, etc.) before approving the action. If you say "Yes" before making sure the installer is legit, then it's your own damn fault.
Recent virus shields try to also detect suspicious actions, but they can never be 100% sure. They usually end up just blocking the action if it's particularly risky, or just prompt you about a certain program wanting to do a certain thing, and if you want to allow it. Which is exactly what UAC does, isn't it?
Edit: See also this thread:
http://www.wilderssecurity.com/showpost.php?p=2080578&postcount=183