Congratulations, exactly how UAC is designed to work, and something that most application developers are either too lazy or too scared to ever look at :)
In a nutshell, you put the code that needs to be promoted in a separate COM object (which lives in the DLL), and then you create it with the elevated instance using the method described here .
HRESULT CoCreateInstanceAsAdmin(HWND hwnd, REFCLSID rclsid, REFIID riid, __out void ** ppv) { BIND_OPTS3 bo; WCHAR wszCLSID[50]; WCHAR wszMonikerName[300]; StringFromGUID2(rclsid, wszCLSID, sizeof(wszCLSID)/sizeof(wszCLSID[0])); HRESULT hr = StringCchPrintf(wszMonikerName, sizeof(wszMonikerName)/sizeof(wszMonikerName[0]),\ L"Elevation:Administrator!new:%s", wszCLSID); if (FAILED(hr)) return hr; memset(&bo, 0, sizeof(bo)); bo.cbStruct = sizeof(bo); bo.hwnd = hwnd; bo.dwClassContext = CLSCTX_LOCAL_SERVER; return CoGetObject(wszMonikerName, &bo, riid, ppv); }
The key is the prefix Elevation:Administrator!new: to the nickname. This causes a raise request to be launched, and the resulting COM object will be created with a raised token.