Technical Information
- <SYSTEM32>\tasks\preview handler surrogate host{g7d3j9g5j6d3s-k4f5k3s2i5-k7g3d2j7f4}
- %APPDATA%\microsoft\windows\hosts\prevhost.exe
- %APPDATA%\microsoft\windows\hosts\757475834932488797
- %APPDATA%\microsoft\windows\hosts\757475834932488797
- %APPDATA%\microsoft\windows\hosts\757475834932488797
- '%WINDIR%\syswow64\schtasks.exe' /create /F /sc minute /mo 5 /tn "Preview Handler Surrogate Host{G7D3J9G5J6D3S-K4F5K3S2I5-K7G3D2J7F4}" /tr "%APPDATA%\Microsoft\Windows\Hosts\prevhost.exe"
- '%WINDIR%\syswow64\schtasks.exe' /Query /XML /TN "Preview Handler Surrogate Host{G7D3J9G5J6D3S-K4F5K3S2I5-K7G3D2J7F4}"