... the screen go dark and wait for the stupid prompt to come up every single time I want to open Services say
Current UAC is ... well, lets say it needs some more work. At first I didn't like it at all (we have different levels of user accounts, so why not just stick with that, right?). On second thought, it's not that bad, the relaxed version in Win7 is probably fine for regular user, as he rarely accesses anything that gives him UAC prompt. And when he does, it's more user friendly to just click "Yes, I really want it" rather than having to manually start it as admin.
But for me there's no way I'm dealing with unnecessary prompt every time I start Regedit. Or elevated Total Commander, because I'm often messing with the system and want/need to have unlimited access everywhere. Or navigate to the depths of netsh command tree and when I want to actually change something, to get "Oh no, you can't do this, 'cause you forgot to run elevated cmd, stupid". Just to name a few. So my UAC quickly got "No thanks" from me. I survived without this kind of protection since Win 3.11, I can easily go on without it now.
On the other hand, it's a pity, because some features are nice and I could use them. UAC Virtualization for example. I'd like to tell Windows to always use it for my web browser to minimize damage when some "just visit our page and you got it" type of exploit is found. And the choice should stay and be used any time the application is run, no matter if started from Start menu or other application running in elevated mode. So yes, give me permanent settings and I'll gladly turn UAC back on.
http://seclists.org/fulldisclosure/2010/Sep/22
IMHO the guy made mistake when he put good dll in the same directory as exe, because there it will be always found by search rule #1. If moved to some directory in PATH, then the bad dll does get loaded, when you launch the app by clicking dhpoc file (and the same directory contains bad dll).