• July 17, 2017
    Announcement: New site design for Microsoft Community

    In July, Microsoft will roll out the first of ongoing site improvements aimed to modernize Microsoft Community and help customers get the most out of their community experience.

    • During the roll out period, you may see the old or new site design depending on your location

    • We expect the roll out to finish by 31 July

    Note: Past private message conversations will not move to the new site design. Please save any private messages you would like to keep.

     Learn more about the upcoming site improvements in this thread.

    Thank you for being part of Microsoft Community!

 
Question
  • This thread is locked from future replies
61336 views

I received a call from someone claiming to be Microsoft.

Olz B asked on
Sure--it's a scam. It's all over the Web for a while now.

Here are the details, just to get it on the record as to how this scam is working  as of yesterday in LA, California:

I received a land-line phone call asking for a name that hasn't been on the bill for 15 years, my wife's former husband. Caught my attention.

The caller identified himself as "Michael Williams" -- but  with a MAJOR  Indian accent. I asked him about the weather in Calcutta, probably the origin of this criminal gang, but he said he was from New Jersey. Woof!

He said his company's Website is www.windowstotalcare.co.cc  and gave the Phone# as 952-232-6284 ext. TD-0714M (TD =Technical Department, he said, and the M is for Michael.)

Said his company was "Windows Total Care" and he was from the technical department. He liked to keep repeating this.

I asked him to identify my computer since I have, oh, six or seven. "Microsoft" would know this, right?  According to him, Microsoft  identified my computer as the culprit that was apparently infecting the entire planet with the some un-named MOAV. (Mother of All Viruses). He wouldn't elaborate.

He said it was my Windows 7 computer and gave me my "CSID" ( number above in the title bar) and to  confirm it by going into a CMD window and typing "ASSOC".  He said it was a unique identifier and proved he was from Microsoft and that I was "causing big problems" on the Internet.

Scam?? Sure, but what does the assoc command show and why? 

Also, can you please direct me to a breakdown explanation of the line:

 zfsendtotarget=CLSID\{ 888DCA60-FC0A-11CF-8F0F-00C04FD7D062}

I know all (most?) Vista and Win 7 users have the same number.

287 people had this question

Abuse history


The answered status icon Answer
dax1792 replied on

assoc command lists the file associations. zfsendtotarget happens to be the last one. The Class ID identifies a COM object to run.

 

http://blog.eset.com/2011/07/19/support-desk-scams-clsid-not-unique

 

zfsendtotarget is a part of the implementation of the 'Send to compressed (zipped) folder' option on the Explorer right-click context menu.

This answer is provided “as-is.” You bear the risk of using it.
113 people found this helpful

Abuse history


progress