According to the CEP cookbook, the CEP engine decides which folder to use with this logic:
```
How does CEP decide which extension to load?
- CEP first searches the product extension folder, then the system extension folder, and finally per-user extension folder.
- Extensions without an appropriate host application ID and version are filtered out.
- If two extensions have same extension bundle ID, the one with higher version is loaded.
- If two extensions have same extension bundle ID and same version, the one whose manifest file has latest modification date is loaded.
- If two extensions have same extension bundle ID, same version and same manifest modification date, CEP loads the first one that is found.
```
However, if an extension load FAILS due to any issue such as a Signature Verification error, then it stops trying to load that extension altogether. So the suggestion is that in case of a failure, we work down this existing list and pick up the next best version of the same extension, e.g. in a different folder or of an older version, and load that instead.
Inspiration behind the suggestion is that a user ended up with a "bad" version of our extension in their `Program Files (x86)` folder (probably by using a zxp installer) which was giving a Signature Verification issue, and we also had a "good" version of our extension in their per-user extensions folder. However, the "good" version kept getting blocked by the "bad" version.