Not a silly question at all. You* should run as a standard user, not as a user that is part of the administrators group (this is nothing to do with the built-in Administrator account).
It is trivial to bypass UAC and get an administrator token if you are running as part of the administrators group, which most people do as it is the default for the first account made when you install Windows.
This (for example) shows how easy it is and why everyone should run as standard user:
UAC Bypass Using eventvwr.exe and Registry Hijacking | enigma0x3
What it means is if you run as a standard user you have to validate a UAC prompt for such malware. If your user is part of the administrators group (as is default) it can bypass it without you knowing - you will not even be asked.
Of course if you are prompted and say "OK - do as you wish" to every UAC prompt or turn UAC off then nothing will help you.
EDIT[*] To be honest though, even though I know I should, I don't. If I get malware I therefore expect zero sympathy.
Luckily I have a backup....