Hi, StCroixSkipper
I went to review the project but the zip file appears to be corrupt. :( Sure usermode is fine the only problem is that at some point the journal will eventually purge records. What this means is that if you have a (magicUsn) value that you want
to return records from you might not get all the records if alot of activity took place on the volume or the application wasn't run for awhile. The service however would be able to maintain all of these records so that if the journal does purge existing records
they would still exist in the database. That is why there is only two reasons to use a service
1) The administrative rights requirment.
2) The journal can purge records.
In this case MagicUsn wouldn't be to useful but you can re-work that into searching by a specific date or time rather than the MagicUsn value.
I have written UAC elevation using the COM moniker this allows you to be manifested AsInvoker but yet execute code as Administrator. I could help you with adding elevation to your process without manifesting it with RequireAdministrator. The advantage to that approach is the user won't be prompted when they launch the application but only prompted when you need to run Administrative tasks such as with the journal.
Overlapped/IO would be fine, I only see two things that would need to use the Async IO that would be
1) Waiting for the journal to finish deleting or Wait for a pending delete from another application.
2) Waiting for new records.. You can poll the journal or use the overlapped/IO here would remove the need to poll.