Resolution of dll dependencies differs between local admin account and Local System account
I have a Windows .NET service that depends on a COM object in a DLL. For reasons I won't go into here, I want to run the service under the Local System account. I'm running into an error on some Windows XP machines. My DLL depends on another DLL. The PATH environment variable contains the directory where the other DLL is located. I've captured the file/registry access events running the service under LocalSystem and a local Admin account. It shows that under the Admin account all directories in the PATH environment variable are searched when looking for the other DLL; however, under the LocalSystem account all of the directories except one (the one where the DLL is located) are searched when trying to find the other DLL.
Below is a portion of the Process Monitor events, one for LocalSystem and one for a local Admin account.
I placed in bold the event where the other DLL is found when running under the local Admin account. When running under LocalSystem the DLL is never found. Both accounts are searching the directories found in the PATH environment variable; however, under LocalSystem it does NOT search
C:\Program Files\Common Files\ESRIProductionMapping\Desktop10.0\Bin\
which is where the DLL is located.
When I check permissions on that directory, the System group has full control. Does anyone know why this is happening and what I can do to correct it?
//Admin account
Load Image
C:\Program Files\Common Files\ArcGISDataReviewer\Desktop10.0\Bin\ReviewerEngine.dll
SUCCESS
Image Base: 0x9880000, Image Size: 0x514000
RegOpenKey
HKU\S-1-5-21-2943453846-44042652-1564530526-1024
SUCCESS
Desired Access: Maximum Allowed
RegOpenKey
HKU\S-1-5-21-2943453846-44042652-1564530526-1024\Software\Policies\Microsoft\Control Panel\Desktop
NAME NOT FOUND
Desired Access: Read
RegOpenKey
HKU\S-1-5-21-2943453846-44042652-1564530526-1024\Control Panel\Desktop
SUCCESS
Desired Access: Read
RegQueryValue
HKU\S-1-5-21-2943453846-44042652-1564530526-1024\Control Panel\Desktop\MultiUILanguageId
NAME NOT FOUND
Length: 256
RegCloseKey
HKU\S-1-5-21-2943453846-44042652-1564530526-1024\Control Panel\Desktop
SUCCESS
RegCloseKey
HKU\S-1-5-21-2943453846-44042652-1564530526-1024
SUCCESS
IRP_MJ_CREATE
C:\Program Files\Common Files\ArcGISDataReviewer\Desktop10.0\Bin\reviewerengine.dll.2.Manifest
NAME NOT FOUND
Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a
IRP_MJ_CREATE
C:\Program Files\Common Files\ArcGISDataReviewer\Desktop10.0\Bin\reviewerengine.dll.2.Config
NAME NOT FOUND
Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Common Files\ArcGISDataReviewer\Desktop10.0\Bin\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\ArcGIS\Desktop10.0\bin\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\wbem\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Windows Imaging\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\WindowsPowerShell\v1.0\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft SQL Server\100\Tools\Binn\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft SQL Server\100\DTS\Binn\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft Team Foundation Server 2008 Power Tools\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft Team Foundation Server 2008 Power Tools\Best Practices Analyzer\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Common Files\ESRIProductionMapping\Desktop10.0\Bin\ProductionSolutionEngineLib.dll
SUCCESS
CreationTime: 5/18/2010 12:56:06 PM, LastAccessTime: 5/19/2010 2:50:02 PM, LastWriteTime: 5/18/2010 12:56:06 PM, ChangeTime: 5/18/2010 5:32:01 PM, AllocationSize: 1,228,800, EndOfFile: 1,225,216, FileAttributes: A
//Local System Account
Load Image
C:\Program Files\Common Files\ArcGISDataReviewer\Desktop10.0\Bin\ReviewerEngine.dll
SUCCESS
Image Base: 0x9880000, Image Size: 0x514000
RegOpenKey
HKU\S-1-5-18
SUCCESS
Desired Access: Maximum Allowed
RegOpenKey
HKU\.DEFAULT\Software\Policies\Microsoft\Control Panel\Desktop
NAME NOT FOUND
Desired Access: Read
RegOpenKey
HKU\.DEFAULT\Control Panel\Desktop
SUCCESS
Desired Access: Read
RegQueryValue
HKU\.DEFAULT\Control Panel\Desktop\MultiUILanguageId
NAME NOT FOUND
Length: 256
RegCloseKey
HKU\.DEFAULT\Control Panel\Desktop
SUCCESS
RegCloseKey
HKU\.DEFAULT
SUCCESS
IRP_MJ_CREATE
C:\Program Files\Common Files\ArcGISDataReviewer\Desktop10.0\Bin\reviewerengine.dll.2.Manifest
NAME NOT FOUND
Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a
IRP_MJ_CREATE
C:\Program Files\Common Files\ArcGISDataReviewer\Desktop10.0\Bin\reviewerengine.dll.2.Config
NAME NOT FOUND
Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Common Files\ArcGISDataReviewer\Desktop10.0\Bin\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\ArcGIS\Desktop10.0\bin\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\wbem\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Windows Imaging\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\WindowsPowerShell\v1.0\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft SQL Server\100\Tools\Binn\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft SQL Server\100\DTS\Binn\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft Team Foundation Server 2008 Power Tools\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft Team Foundation Server 2008 Power Tools\Best Practices Analyzer\ProductionSolutionEngineLib.dll
NAME NOT FOUND
RegOpenKey
HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots
NAME NOT FOUND
Desired Access: Enumerate Sub Keys
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Common Files\ArcGISDataReviewer\Desktop10.0\Bin\ReviewerService.exe.Local
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943
SUCCESS
CreationTime: 5/18/2010 5:32:43 PM, LastAccessTime: 5/19/2010 3:06:50 PM, LastWriteTime: 5/18/2010 5:32:44 PM, ChangeTime: 5/18/2010 5:32:44 PM, AllocationSize: 0, EndOfFile: 0, FileAttributes: D
IRP_MJ_CREATE
C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943
SUCCESS
Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
RegOpenKey
HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots
NAME NOT FOUND
Desired Access: Enumerate Sub Keys
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Common Files\ArcGISDataReviewer\Desktop10.0\Bin\ReviewerService.exe.Local
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e
SUCCESS
CreationTime: 4/29/2010 12:25:51 PM, LastAccessTime: 5/19/2010 3:06:50 PM, LastWriteTime: 5/18/2010 5:32:43 PM, ChangeTime: 5/18/2010 5:32:43 PM, AllocationSize: 0, EndOfFile: 0, FileAttributes: D
IRP_MJ_CREATE
C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e
SUCCESS
Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
RegOpenKey
HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots
NAME NOT FOUND
Desired Access: Enumerate Sub Keys
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Common Files\ArcGISDataReviewer\Desktop10.0\Bin\ReviewerService.exe.Local
NAME NOT FOUND
May 21st, 2010 12:51am
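
The comparison described in the post can be made mechanical. The following is an added example, not part of the original post: it parses two Process Monitor captures in the layout shown above and lists the directories probed for a DLL under one account but never under the other. The function names `probes` and `missing_dirs` and the shortened sample traces are constructed for illustration.

```python
import ntpath
import re

# Constructed samples: a shortened subset of the events quoted in the post,
# in the same layout (operation, path, result, optional detail line).
ADMIN_TRACE = r"""FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft SQL Server\100\DTS\Binn\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN C:\Program Files\Common Files\ESRIProductionMapping\Desktop10.0\Bin\ProductionSolutionEngineLib.dll
SUCCESS
CreationTime: 5/18/2010 12:56:06 PM, FileAttributes: A
"""
SYSTEM_TRACE = r"""FASTIO_NETWORK_QUERY_OPEN
C:\WINDOWS\system32\ProductionSolutionEngineLib.dll
NAME NOT FOUND
FASTIO_NETWORK_QUERY_OPEN
C:\Program Files\Microsoft SQL Server\100\DTS\Binn\ProductionSolutionEngineLib.dll
NAME NOT FOUND
RegOpenKey
HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots
NAME NOT FOUND
"""

# A drive-letter path; registry keys (HKU\..., HKLM\...) never match.
PATH_RE = re.compile(r"[A-Za-z]:\\.*")

def probes(trace, dll):
    """Return ordered (directory, result) pairs for every lookup of `dll`."""
    lines = [ln.strip() for ln in trace.splitlines() if ln.strip()]
    found = []
    for i, ln in enumerate(lines[:-1]):
        # Accepts the path on its own line or after the event name.
        m = PATH_RE.search(ln)
        if m and ntpath.basename(m.group()).lower() == dll.lower():
            found.append((ntpath.dirname(m.group()), lines[i + 1]))
    return found

def missing_dirs(reference, suspect, dll):
    """Directories probed in `reference` but never in `suspect`."""
    seen = {d.lower() for d, _ in probes(suspect, dll)}  # case-insensitive
    out = []
    for d, result in probes(reference, dll):
        if d.lower() not in seen:
            seen.add(d.lower())  # report each directory once
            out.append((d, result))
    return out

if __name__ == "__main__":
    for d, r in missing_dirs(ADMIN_TRACE, SYSTEM_TRACE, "ProductionSolutionEngineLib.dll"):
        print(f"searched only in reference capture: {d} ({r})")
```

Run it on full text exports of both captures; any directory it lists is one to compare against the PATH value seen by the service process itself.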