ScardAccessStartedEvent does not signal in Vista services - service hardening?
Migrating our core development platform to Windows Vista, one of our
Windows services using smartcards is failing.
We have debugged the problem and found that the event provided by the
function ScardAccessStartedEvent does not receive notification. This
event is supposed to signal when the SmartCard Resource Manager starts.
As we have a WaitForSingleObject(event,INFINITE), the service hangs.
Testing the same service as an ordinary executable (registering with
-regserver) I can see it works properly. In XP it works properly both
as an executable and service.
I have read something about Service Hardening in Vista and I guess it
may be caused by privilege reduction. So, I've created some code to
enumerate the existing privileges when the application is launched as
an executable and as a service. These are the results:
COMSERVER registered with -REGSERVER
-
PrivilegeName[SeIncreaseQuotaPrivilege]=Disabled
PrivilegeName[SeSecurityPrivilege]=Disabled
PrivilegeName[SeTakeOwnershipPrivilege]=Disabled
PrivilegeName[SeLoadDriverPrivilege]=Disabled
PrivilegeName[SeSystemProfilePrivilege]=Disabled
PrivilegeName[SeSystemtimePrivilege]=Disabled
PrivilegeName[SeProfileSingleProcessPrivilege]=Disabled
PrivilegeName[SeIncreaseBasePriorityPrivilege]=Disabled
PrivilegeName[SeCreatePagefilePrivilege]=Disabled
PrivilegeName[SeBackupPrivilege]=Disabled
PrivilegeName[SeRestorePrivilege]=Disabled
PrivilegeName[SeShutdownPrivilege]=Disabled
PrivilegeName[SeDebugPrivilege]=Disabled
PrivilegeName[SeSystemEnvironmentPrivilege]=Disabled
PrivilegeName[SeChangeNotifyPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeRemoteShutdownPrivilege]=Disabled
PrivilegeName[SeUndockPrivilege]=Disabled
PrivilegeName[SeManageVolumePrivilege]=Disabled
PrivilegeName[SeImpersonatePrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeCreateGlobalPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeIncreaseWorkingSetPrivilege]=Disabled
PrivilegeName[SeTimeZonePrivilege]=Disabled
PrivilegeName[SeCreateSymbolicLinkPrivilege]=Disabled
COMSERVER registered with -SERVICE
--
PrivilegeName[SeAssignPrimaryTokenPrivilege]=Disabled
PrivilegeName[SeLockMemoryPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeIncreaseQuotaPrivilege]=Disabled
PrivilegeName[SeTcbPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeSecurityPrivilege]=Disabled
PrivilegeName[SeTakeOwnershipPrivilege]=Disabled
PrivilegeName[SeLoadDriverPrivilege]=Disabled
PrivilegeName[SeSystemProfilePrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeSystemtimePrivilege]=Disabled
PrivilegeName[SeProfileSingleProcessPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeIncreaseBasePriorityPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeCreatePagefilePrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeCreatePermanentPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeBackupPrivilege]=Disabled
PrivilegeName[SeRestorePrivilege]=Disabled
PrivilegeName[SeShutdownPrivilege]=Disabled
PrivilegeName[SeDebugPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeAuditPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeSystemEnvironmentPrivilege]=Disabled
PrivilegeName[SeChangeNotifyPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeUndockPrivilege]=Disabled
PrivilegeName[SeManageVolumePrivilege]=Disabled
PrivilegeName[SeImpersonatePrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeCreateGlobalPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeIncreaseWorkingSetPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeTimeZonePrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeCreateSymbolicLinkPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
Do you have any idea about this strange behaviour of
ScardAccessStartedEvent function?
Thanks in advance
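
Added example, not part of the original post: a small Python script that diffs two privilege dumps in the `PrivilegeName[...]=...` format shown above, to see exactly which privileges each token has and which are enabled in only one of them. The sample input is a subset of lines copied from the post; the function names `parse_dump` and `diff_tokens` are made up for this example.

```python
import re

# Subset of the two dumps from the post (excerpt, not the full lists).
EXE_DUMP = """\
PrivilegeName[SeIncreaseQuotaPrivilege]=Disabled
PrivilegeName[SeDebugPrivilege]=Disabled
PrivilegeName[SeChangeNotifyPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeRemoteShutdownPrivilege]=Disabled
PrivilegeName[SeImpersonatePrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
"""
SVC_DUMP = """\
PrivilegeName[SeAssignPrimaryTokenPrivilege]=Disabled
PrivilegeName[SeTcbPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeIncreaseQuotaPrivilege]=Disabled
PrivilegeName[SeDebugPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeChangeNotifyPrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
PrivilegeName[SeImpersonatePrivilege]=SE_PRIVILEGE_ENABLED+SE_PRIVILEGE_ENABLED_BY_DEFAULT
"""

LINE = re.compile(r"^PrivilegeName\[(\w+)\]=(.+)$")

def parse_dump(text):
    """Map privilege name -> True if SE_PRIVILEGE_ENABLED is set, else False."""
    privs = {}
    for raw in text.splitlines():
        # Privilege names and flags contain no hyphens, so dropping them
        # tolerates stray hyphens left by line wrapping in pasted output.
        m = LINE.match(raw.strip().replace("-", ""))
        if m:
            privs[m.group(1)] = "SE_PRIVILEGE_ENABLED" in m.group(2).split("+")
    return privs

def diff_tokens(exe, svc):
    """Compare two parsed dumps: presence first, then enabled state."""
    common = set(exe) & set(svc)
    return {
        "only_in_exe": sorted(set(exe) - set(svc)),
        "only_in_service": sorted(set(svc) - set(exe)),
        "enabled_only_in_exe": sorted(p for p in common if exe[p] and not svc[p]),
        "enabled_only_in_service": sorted(p for p in common if svc[p] and not exe[p]),
    }

if __name__ == "__main__":
    for key, names in diff_tokens(parse_dump(EXE_DUMP), parse_dump(SVC_DUMP)).items():
        print(f"{key}: {', '.join(names) or '(none)'}")
```

Run over the full lists in the post, the only privilege present in the executable's token and absent from the service's is SeRemoteShutdownPrivilege, and every privilege enabled for the executable is also enabled for the service.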

