How does COM object hijacking with CAccPropServicesClass provide persistence without admin privileges?
By modifying a registry key under HKCU\Software\Classes\CLSID\{b5f8350b-0548-48b1-a6ee-88bd00b4a5e7}, an attacker redirects the COM object to a malicious DLL placed in a user-writable folder. Since many system programs (like Internet Explorer) load this COM object on startup, the DLL executes automatically without requiring admin rights or a reboot. This technique is similar to other COM hijacking methods such as hijacking Outlook or hijacking explorer.exe.
COM hijacking, CAccPropServicesClass, persistence, registry modification, HKCU, no admin