Introduction

I got a ping this morning from a website called cleanup-registry.net   It arrived because I’d been referenced as a website in the network setup using the plugin, “Related Websites” by the Blog Traffic Exchange (actually, it may be time to knock this experiment on the head as generally, the sites are only loosely related and have poor linkage otherwise).

Whatever; the link referenced an old post of mine about Microsoft software problems here.  Notionally, the website looks okay and professional – but I smelled a rat!

cleanup-registry.net

This is a screenshot of the whole post (at http://cleanup-registry.net/need-major-help-problem-installing-net-35-framework/).  So I did a search on the user’s  error message:

‘The DOTNETFX35SETUP.EXE file is linked to missing export NTDLL.DLL:NtShutdownSystem.’ (it turns out later that I should have just done a search on the text in the first paragraph of the post…)

About six entries down in the Google search results, is this page from the respected ‘Yahoo! Answers’ forums website, shown at left.

The screen-shots of each WILL blow up to full-size, but to save you making direct textual comparisons, let me tell you now that the text in both, and one comment, the accepted answer in Yahoo! Answers, is EXACTLY the same!

For your interest, the accepted answer is that the OS’s are incompatible and there’s a fix described.

The real problem is the dates!  cleanup-registry.net’s is the 8th September 2009;  Yahoo! Answer’s is from 8 months ago!

Conclusion

What we are seeing is the same sort of tactic employed by the Google Treasure Chest scammers of a fake blog (now called a flog!) being used as part of a selling campaign.  They’ve content-scraped decent content and passed it off as their own as a means of justifying their flogging area.

Q. Their product?

A. They are trying to sell a registry cleaner type software and a computer maintenance service ($25 per month!) in Las Vegas.

All of this is done under the banner of some fairly useful video how-tos and some less worthy content scraping from other websites….

The killer bits are that all the ‘blog’ entries are dated 24/9/2009 (apart from the odd one) and all the pages and how-tos are dated 24/7/2009!!!

Furthermore, the domain owner is hidden by our old friends at Domains by Proxy..

Do you really trust this sort of stuff?  I don’t.  Whether it’s supporting malware or not, it’s selling by devious means using the same methods as used by zillions of scams worldwide.

Caveat Emptor – buyer beware!

Related posts:

1. MyBookface, Google, Utah and Nevis Scamboys United

   Introduction I knew there was something really, really dodgy about that MyBookFace.net crap highlighted in this post the other day....

2. ScamVictimHelp.com, Poacher turned Gamekeeper?

   Introduction Poacher turned Gamekeeper I’ve been rss following a little thread where a job-seeking homeworker has been diddled out of...

3. Google Revolution, Different Name, Same Scam!

   Introduction My email spambuster Mailwasher Pro is doing overtime since I posted my investigation into Google Treasure Chest and the...

4. Microsoft Performance in the Browser and Search Engine Wars

   Introduction & History Recently, Microsoft has reworked it’s search engine (MSN Live Search) and renamed it Bing.  This was followed...

5. More on Google Profits and Pacific Webworks

   Oh What a tangled web we weave… Back on May 1st I checked out this particular morph of the Google...