I got a ping this morning from a website called cleanup-registry.net It arrived because I’d been referenced as a website in the network setup using the plugin, “Related Websites” by the Blog Traffic Exchange (actually, it may be time to knock this experiment on the head as generally, the sites are only loosely related and have poor linkage otherwise).
Whatever; the link referenced an old post of mine about Microsoft software problems here. Notionally, the website looks okay and professional – but I smelled a rat!
This is a screenshot of the whole post (at ). So I did a search on the user’s error message:
‘The DOTNETFX35SETUP.EXE file is linked to missing export NTDLL.DLL:NtShutdownSystem.’ (it turns out later that I should have just done a search on the text in the first paragraph of the post…)
About six entries down in the Google search results, is this page from the respected ‘Yahoo! Answers’ forums website, shown at left.
The screen-shots of each WILL blow up to full-size, but to save you making direct textual comparisons, let me tell you now that the text in both, and one comment, the accepted answer in Yahoo! Answers, is EXACTLY the same!
For your interest, the accepted answer is that the OS’s are incompatible and there’s a fix described.
The real problem is the dates! cleanup-registry.net’s is the 8th September 2009; Yahoo! Answer’s is from 8 months ago!
What we are seeing is the same sort of tactic employed by the Google Treasure Chest scammers of a fake blog (now called a flog!) being used as part of a selling campaign. They’ve content-scraped decent content and passed it off as their own as a means of justifying their flogging area.
Q. Their product?
A. They are trying to sell a registry cleaner type software and a computer maintenance service ($25 per month!) in Las Vegas.
All of this is done under the banner of some fairly useful video how-tos and some less worthy content scraping from other websites….
The killer bits are that all the ‘blog’ entries are dated 24/9/2009 (apart from the odd one) and all the pages and how-tos are dated 24/7/2009!!!
Furthermore, the domain owner is hidden by our old friends at Domains by Proxy..
Do you really trust this sort of stuff? I don’t. Whether it’s supporting malware or not, it’s selling by devious means using the same methods as used by zillions of scams worldwide.
Caveat Emptor – buyer beware!