Friday, July 17, 2009

is Paretologic a rogue creator ?

Paretologic creates many cleaners (Malware, Registry, Privacy...). XoftSpySE and RegCure are the most known. Recently, MalwareURL flag them as rogue. It's not a surprise, ParetoLogic is considered as rogue by a lot of security analysts.

Why ? ParetoLogix products are not automatically installed by trojan or fake codec. There is no DesktopHijack, constant alert messages, or such well known rogue symptoms. Where is the problem then ?

Affiliates communication. There is an intense communication made by third persons on blogs, google ads, twitter, ...
When ParetoLogic cares about reputation for not being classified as rogue, the company has no control on communication made by affiliates:

Few years ago, SmitfraudFix was spotted by a ParetoLogic Google ad:

Remove SmitfraudFix for good - Free SmitfraudFix scan & Fix

Unethical communication and false information. On some sites, XoftSpySE is proposed with known rogues products:



Another problem is the license. When the free scanner detects an infection. It proposes acquiring (buying) a license from the infected system. This is a very bad idea: the malware may stole identity and credit card informations.

The limit between rogue, PUP and non-ethic is poor. I won't consider it as rogue because of the missing rogue symptoms, but ParetoLogic is certainly not ethical.

hpHosts blog: http://hphosts.blogspot.com/2009/07/paretologic-vs-malwareurl.html
MalwareDiaries blog: http://blogs.paretologic.com/malwarediaries/index.php/2009/07/16/false-allegations-about-paretologic

Edit: Forum thread about this post.