So heres the problem with thatif the scanner agent was something permanently installed, UAC wouldnt be an issuethe account we are using is in fact set up correctly as a service account. The problem is the way the scan works. We are using what is called a "dissolving agent", meaning that the scanner box copies an executable over to the remote host, then runs the exe on the host itself. What happens with UAC is the executable that gets copied over is not recognized by the remote system as something that is allowed to run with administrative privileges, thus it cant execute. It fails because its a dissolving agent and not something that is registered with the system as an "always run with admin privileges" program. Windows 7 boxes in general have UAC disabled (through a GPO setting/exception to USGCB) because of an issue with EHR(electronic health record). Its mostly the Windows 2008 systems that have the issue. That said, I have observed the following Using psexec, this set of commands fails: Psexec \\remote_host/u d1\ /p ******** cmd (running from C:\Windows on the remote host) Remotecomplianceconnector2.0.exe What happens here is that remotecomplianceconnector2.0.exe (the dissolving agent) runs, but it cannot write to the C:\Windows directory. This set of commands works: runas /user:d1\dissecfusion1 "psexec \\remote_hosth cmd" (enter password) (running from C:\Windows on the remote host) Remotecomplianceconnector2.0.exe Here, the underlying service hosting the command shell is running under a privileged login and is able to write to the Windows directory. but it is not an easy fix.....will a managed service account or a virtual account help fix this issue?