I just watched the demo video on the Replace UAC website and I am somewhat alarmed. It shows two different imitation UAC popups (at 0:50 and 1:10) with Aero disabled to appear like it is coming from the secure desktop, without requesting elevation!
As for TweakUAC I think all that app does is set two GPOs shown in the Post #1 screenshot:
"Run all administrators in Admin Approval Mode" Enabled
"Behavior of the elevation prompt for administrators in Admin Approval Mode" Elevate without prompting
Also as for "keeps the protection
" I am skeptical of the explanation on that page:
There is only one single "moment of truth" when it comes to malware getting unlimited access to your system, and it occurs when you attempt to run a program you have downloaded from an unknown web site
The screenshot shows a security warning because the installer does not have a Digital Signature; you will get a very similiar warning even with a Digital Signature. Most importantly you dont get that warning at all if it is not an installer, just download a binary, extract it if necessary and run it. Knowing whether or not that unsigned app wants to run in User or Admin mode then becomes very important.
I see a few ways that wont protect you:
You copy files from an external drive or network folder to your pc.
Your web browser is exploited and elevates without your consent to hijack your pc.
My biggest gripe with UAC is this bug: http://www.msfn.org/...ho-t120369.html