Hello minds,I have a piece of code where if I run a particular application,it will hook its process and injects my dll into the process space of that application.I will explain my problem with an example..Atfirst if I run MyApplication.exe,my code will hook the process of MyApplication.exe and inject MyDll.dll into MyApplication.exe process space,now my MyApplication.exe extracts a exe called MyChild.exe to a particular location,since I have hooked all process creation based API's(createprocess,zwcreateprocess,shellexecute) MyChild.exe will also be hooked and injected by my dll.And again MyChild.exe calls it self with a commandline argument(ex: MyChild.exe ./UAC)...this is where I am having problem..am able to hook the first two exe's but not able to hook when MyChild.exe calls itself.
MyApplication.exe-------(Runned by my code)---->HOOKED AND INJECTED DLL----->MyChild.exe--->HOOKED and INJECTED DLL
---->MyChild.exe ./UAC--->failed to hook
NOTE:Since I have hooked process related API's,if CreateProcess is called...it gets diverted to MyCreateProcess(..) (which is My function).
When I track this MyChild.exe using DebugWindow(a tool),it shows it calls ShellExecuteEx to call MyChild.exe ./UAC but the call is not getting diverted.Will this be a UAC problem bcoz am using vista...I didnt test in other OS. Is there any UAC problem in hooking? Please give me suggestions,what would be the problem.