You can increase the logging level, and check the logs for specifics:
HKEY_LOCAL_MACHINE]\SOFTWARE\Foundstone\Foundscan\Tweaks] (for 32-bit host) or
[HKEY_LOCAL_MACHINE]\SOFTWARE\Wow6432Node\Foundstone\Foundscan\Tweaks] (for 64-bit host)
** if the key "Tweaks" doesn't exist, create it. **
LogWam DWORD Value 'ff'
Rescan, and you can see exactly what access MVM got, and any failures too.
Yes, sorry I wasn't more specific. Apply the tweak on the Engine that you run the scan from. No need to restart any services.
The daily log (~foundstone\logs\LogFile.<date>.txt) will show very verbose info in regards to authentication, so you will want to disable it after you get the results.
So I compared logs from two Win2003 servers. The one with access type 65546, all scirpts run ok. The one with access type 10, I see two warnings at the beginning of the log:
Warning (80070043): Could not connect to an administrator share; presuming not accessible.
Warning (80070035): Could not connect to remote registry; presuming not accessible.
Any idea what could cause this? Both servers have the same user in the loacal admin group.