After googling around I couldn’t find any reference to Rover autostart mechanism, so here is a quick introduction for you:
Adding this key [key only is enough]:
-
HKEY_CLASSES_ROOT\CLSID\{16d12736-7a9e-4765-bec6-f301d679caaa}
and dropping the following file:
-
c:\windows\system32\rover.dll
with an exported function called RunMonitor will cause rover.dll to be loaded.anytime user logs in [it’s loaded by userinit.exe].
Tested on Windows 7 and Windows 8.1.
I have received a few questions with regards to this post, so here are some notes that I hope will be helpful:
- Despite being placed under HKCR, it’s not a regular COM entry
- It’s an equivalent of a Boolean flag stored in Registry; same as a presence of a file on a disk
- If key exists
{ do something }
- If key exists
- I believe it’s a part of some testing/QA platform; maybe some exotic extension used only in special builds [Windows is actually full of these conditionally loaded DLLs]
Note: For unknown reason this post disappeared. Re-adding it. (suspecting wordpress hiccup; update: after checking logs it looks more like a DB problem and it was restored by the provider from a backup /removing the post on the way/)