While individual user accounts can run specific SEP processes when the user is permitted, the client is designed to run under the context of the SYSTEM account. This is allows it to perform any function it needs without being limited by the rights of the logged in user account, When the SYSTEM account permissions are revoked from the file system, registry or network rights, the context of the logged in user account is attempted instead. If the user does not have the rights, the process fails.
Note: If the Admin account does not see this behavior, i.e. everything appears to run as expected/normally, then comparison of the limited user permissions to the Admin account in respect to SEP registry and file system locations should be accomplished.