Kaspersky uninstalled itself and now I have "UltraAV". Is it any good?


Recommended Posts

It takes years for AV products to build up trust and much less time to destroy that trust.

If you're not sure about them, look at some well respected AV companies like ESET or Malware Bytes.

 

 

The most important thing is to make your own final choice and not blindly trust anyone.

 

 

 

 

On 21/09/2024 at 18:25, Mockingbird said:

It auto install itself.

You had to ask if this was legitimate program? Really?

Worse, according to Adrynalyne's link is not being removed doing a normal uninstall. I would do a clean Windows install and skip the Russian AV.

Hello,

Neowin has written about Kaspersky Lab's exit of the US market here and here, and you can read the statements from both the US Government and Kaspersky Lab as well.

It is my understanding that Kaspersky Lab sold their US customers to either Pango, LLC, which I think is a holding company registered in Chantilly, VA or Intersections, LLC, which does business under the name "Pango Group" that is a private equity firm and is registered in Boston, MA.  I think Intersections, LLC owns Pango, LLC (as well as Pango GmbH in Switzerland), although it is not super clear from looking at the pango.co website, and there's no entries for any of these companies on Wikipedia, which is just weird.  Anyways, Pango offers VPN services, as well as partners with third-party advertising networks to track users.   Some of Pango's brands include BetterNet, Hotspot Shield, IdentityDefense, Intrusta, PassWatch (a password manager, I think?), PrivacyMate, RoboShield, UltraVPN, VPN360, and VPN In Touch.  Some of the advertising services they use for tracking their customers include Adcolony (Digital Turbine), InMobi, Ironsource, Kovhia, and Unity.  UltraAV appears to be Pango's entry into the antivirus space.

I found an article on PCMag.Com discussing Kaspersky Lab's sale of its US customers to Pango here, which mentions they will automatically be migrated to Pango's UltraAV.

I have not seen a lot of information about UltraAV, but a post on Reddit shows that the UltraAV software installer is digitally signed by Max Secure Software India Pvt. Ltd., headquartered in Pune, India, so that must be whom Pango licensed it from.  Maybe at some point Pango will set up a company for UltraAV and have it digtially sign the files.  I looked around the websites for AV-Comparatives, AV-Test, and Virus Bulletin's and did not see any tests mentioning them, although it is possible I could have missed them.  I did not see them listed as a member of AMTSO, either.  They do not seem to be a member of Microsoft's Microsoft Active Protection Porgram program, either.

The website for the company is www.maxpcsecure.com, but I couldn't go any further than that, as my antivirus software blocked it as containing potentially unwanted content.

Regards,

Aryeh Goretsky
 

On 21/09/2024 at 17:25, Mockingbird said:

It auto install itself.

Yikes! Without notice? If it were me, I would uninstall it.

/Well, if it were me I would do a lot of somewhat unnecessary, over the top, overly complicated things first. No need to go that route.

I found more information about this.

UltraAV identifies itself as "AURA" and said that its website is https://www.aura.com/

Reviews are somewhat mediocre.

https://www.pcmag.com/reviews/aura

https://allaboutcookies.org/aura-antivirus-review

 

On 22/09/2024 at 18:54, Mockingbird said:

I found more information about this.

UltraAV identifies itself as "AURA" and said that its website is https://www.aura.com/

Reviews are somewhat mediocre.

https://www.pcmag.com/reviews/aura

https://allaboutcookies.org/aura-antivirus-review

 

Strange conclusion.

https://ultrasecureav.com/

  • Like 3
On 22/09/2024 at 18:57, adrynalyne said:

Strange conclusion.

https://ultrasecureav.com/

Aura bought Pango a while back.

Aura itself sells a security suite.

I am guessing that UltraAV is just the standalone antivirus.

On 22/09/2024 at 19:12, Mockingbird said:

Aura bought Pango a while back.

Aura itself sells a security suite.

I am guessing that UltraAV is just the standalone antivirus.

Pango has been split from Aura. 
 

https://www.prnewswire.com/news-releases/aura-splits-into-two-world-class-online-safety-companies-302236655.html

  

On 21/09/2024 at 21:58, goretsky said:

Hello,

Neowin has written about Kaspersky Lab's exit of the US market here and here, and you can read the statements from both the US Government and Kaspersky Lab as well.

It is my understanding that Kaspersky Lab sold their US customers to either Pango, LLC, which I think is a holding company registered in Chantilly, VA or Intersections, LLC, which does business under the name "Pango Group" that is a private equity firm and is registered in Boston, MA.  I think Intersections, LLC owns Pango, LLC (as well as Pango GmbH in Switzerland), although it is not super clear from looking at the pango.co website, and there's no entries for any of these companies on Wikipedia, which is just weird.  Anyways, Pango offers VPN services, as well as partners with third-party advertising networks to track users.   Some of Pango's brands include BetterNet, Hotspot Shield, IdentityDefense, Intrusta, PassWatch (a password manager, I think?), PrivacyMate, RoboShield, UltraVPN, VPN360, and VPN In Touch.  Some of the advertising services they use for tracking their customers include Adcolony (Digital Turbine), InMobi, Ironsource, Kovhia, and Unity.  UltraAV appears to be Pango's entry into the antivirus space.

I found an article on PCMag.Com discussing Kaspersky Lab's sale of its US customers to Pango here, which mentions they will automatically be migrated to Pango's UltraAV.

I have not seen a lot of information about UltraAV, but a post on Reddit shows that the UltraAV software installer is digitally signed by Max Secure Software India Pvt. Ltd., headquartered in Pune, India, so that must be whom Pango licensed it from.  Maybe at some point Pango will set up a company for UltraAV and have it digtially sign the files.  I looked around the websites for AV-Comparatives, AV-Test, and Virus Bulletin's and did not see any tests mentioning them, although it is possible I could have missed them.  I did not see them listed as a member of AMTSO, either.  They do not seem to be a member of Microsoft's Microsoft Active Protection Porgram program, either.

The website for the company is www.maxpcsecure.com, but I couldn't go any further than that, as my antivirus software blocked it as containing potentially unwanted content.

Regards,

Aryeh Goretsky
 

Apparently, my entire Kaspersky account including Kaspersky subscription has been migrated over.

On 22/09/2024 at 03:25, Mockingbird said:

It auto install itself.

wow, that's suspicious as hell.

Get rid if it ASAP using Geek/HiBit Uninstaller/ or any 3rd party uninstaller.

And keep eye on your connection (using Simplewall or similar firewall monitoring tool), observe which app trying to connect with UltraAV server. and block it in firewall.

On 23/09/2024 at 01:01, Danielx64 said:

So is this world wide thing?

Hello,

As far as I know it just in the United States, where Kaspersky Lab can no longer do business.

Regards,

Aryeh Goretsky
 

  • Like 2
On 23/09/2024 at 11:05, Xahid said:

So, after a little investigation, it appears that, UltraAV is Kaspersky in disguise

I don't think so, nothing in that FAQ leads me to believe they are the same at least, but we don't know anything about what "strategic partnership" entails.

However, I don't know how they'll work if the answer to that last question is really "No":

image.png.76f3650f5b110200a564c92e203bc479.png

For me at least, time to move to something else, no transparency and shenanigans from a security vendor, I'd rather get something known that has undergone some 3rd party testing at least.

On 22/09/2024 at 22:25, Mockingbird said:

  

Apparently, my entire Kaspersky account including Kaspersky subscription has been migrated over.

To be clear... You never seen any emails prior about this? No prompt on your computer asking you do this? You said tried to uninstall this software and it came back?

This is all shady as hell. I would still suggest clean Windows install, ask for a refund, and find another AV solution.

On 23/09/2024 at 05:49, Good Bot, Bad Bot said:

To be clear... You never seen any emails prior about this?

I got an email like this one about the same time UltraAV shown up.

kaspersky-beginning-transition-of-u-s-us

On 23/09/2024 at 05:49, Good Bot, Bad Bot said:

No prompt on your computer asking you do this?

No prompt. Kaspersky simply disappeared and UltraAV shows up.

On 23/09/2024 at 05:49, Good Bot, Bad Bot said:

You said tried to uninstall this software and it came back?

I didn't say that.

On 23/09/2024 at 22:10, Mockingbird said:

I didn't say that.

My bad... Misread a comment from you that it auto installed. You uninstalled it right?

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Microsoft's Aurora 1.5 weather model could make hurricane predictions a lot better by Paul Hill Microsoft has just launched a major update for its open-access Aurora Earth-system foundation model, Aurora 1.5. This extension adds 22 new weather variables that are relevant to energy, agriculture, transport, and climate risk. Additionally, it provides hourly temporal resolution and probabilistic ensemble forecasting. If you have ever tracked a hurricane or typhoon, you might be aware that there are various forecasting models available. The best of the bunch are generally considered to be the European Centre for Medium-Range Weather Forecasts (ECMWF) ensemble models. Well, with Aurora 1.5, Microsoft claims its model outperforms on 88.9% of evaluated targets. This model also performs better against its previous version, with testing showing that the ensemble median achieved a one-third lower track error for tropical cyclones, such as Hurricane Helene. While open access to Aurora 1.5 is great news for researchers, agencies, companies, and civil society, Microsoft will also be integrating it into its commercial products such as Microsoft Weather. We all know that AI can give some dodgy outputs, so it wants to couple Aurora 1.5 with physics-based models, such as ECMWF, rather than replace them. The best cyclone forecasts are those that draw from multiple models, and drawing in Aurora 1.5’s predictions will just add more depth to the composite forecast, potentially helping to make people safer. You can read the model’s paper or head over to GitHub to download it.
    • I started using Vivaldi again after maybe 2-3 years. I dunno what I didn't like about them. Maybe Floorp was just a shade better.
    • Google launches LiteRT.js to make AI and ML workloads faster in the browser by Paul Hill Google has just launched LiteRT.js, a new library that enables machine learning models to run locally within the web browser, bypassing the need for server-side processing. The firm said this will bring native AI performance to web browsers via its mobile-focused LiteRT runtime, though LiteRT.js also works on desktops. The new library uses WebAssembly and hardware acceleration such as WebGPU and WebNN to replace the slower TensorFlow.js, which uses a slower JavaScript-based kernel. The LiteRT runtime has been reserved for Android and iOS until now. With today’s update, Google is exposing the runtime via WebAssembly to turn the browser into a more capable platform for AI and ML workloads. The search giant claims that this new runtime delivers 3x greater speeds over existing solutions on current hardware. Specifically, it was tested on a 2024 Apple MacBook Pro with M4 Silicon. In the real world, for users on older hardware or using browsers with different engines, performance could vary significantly. For developers looking to switch over from TensorFlow.js, the process is straightforward. If you already have a .tflite file, you just need to switch your JavaScript runtime to LiteRT.js. However, if you have a TensorFlow/Keras SavedModel, then you can use the LiteRT Converter built into the Python TensorFlow package. You can read more about the conversion process on Google for Developers. Going forward, it will be interesting to see whether Google eventually sunsets or de-prioritizes TensorFlow.js in favor of LiteRT.js. It will also be interesting to see how it really performs on other hardware besides a MacBook. Source: Google
    • AltSendme 0.5.0 by Razvan Serea AltSendme is a minimal, cross-platform application designed for fast, secure, and private peer-to-peer file transfers. It allows users to send files or entire directories directly between devices without relying on cloud servers, accounts, or any personal information. Everything is encrypted end-to-end using modern protocols like QUIC and TLS 1.3, ensuring both strong security and low-latency performance. Transfers are verified with BLAKE3 for data integrity, and interrupted downloads automatically resume, making the experience reliable even on unstable connections. You can transfer anything—images, videos, documents, and more. Integrity checks are performed on both ends, so your files are automatically verified for correctness during both sending and receiving. AltSendme works seamlessly across local networks or long-distance links, capable of saturating multi-gigabit connections for extremely fast delivery. With built-in NAT traversal and encrypted relay fallback, it connects devices almost anywhere. The app integrates with the Sendme CLI and will soon support mobile and web platforms. Fully free and open-source, AltSendme offers a lightweight, privacy-first alternative to traditional cloud-based services, removing size limits, upload costs, and unnecessary data exposure. AltSendme 0.5.0 changelog: Web version available at app.altsendme.com Zero analytics, please raise issues as you come across them Harden app trust boundaries More test coverage - added end-to-end test cases verifying receiver temporary directory lifecycle and resume behavior Added disarm mechanism to AutoCleanupDir to support preserving partial downloads for resume Bug fixes Download: AltSendme 0.5.0 | ARM64 | ~9.0 MB (Open Source) Download: AltSendme for MacOS | Android Links: AltSendme Home Page | GitHub | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Microsoft explains the different types of Windows updates you get by Usama Jawad If you're a regular reader here at Neowin, you're probably well-versed on the subject of Windows updates. We cover them quite extensively, regardless of their scope. This has become even more important in the evolving threat landscape where AI is being used to exploit security issues in software, which now needs patch deployments more often than before. Now, Microsoft has shared a brief explainer differentiating between the different types of updates delivered by the company. The first kind of Windows update is Patch Tuesday, which is delivered on the second Tuesday of each month. A recent example of this is the KB5094126 update offered to Windows 11 users on June 9. Patch Tuesday provisions security and non-security content, and is cumulative in nature, which means that if you install the latest version, you'll also receive all the updates present in previous versions. IT admins can leverage various tools like Autopatch, Intune, Windows Server Update Services (WSUS), and more to deploy Patch Tuesday across their organization. They can also utilize hotpatching, which ensures that only security updates are quickly applied and a device restart isn't needed. People also refer to Patch Tuesday releases as "B" release, quality update, security update, monthly cumulative update, and latest cumulative update (LCU). Next, we have optional non-security preview updates that become available in the fourth week of each month. They act as a precursor to the upcoming Patch Tuesday, enabling IT admins to test and validate the release before they deploy it more widely the following month. If you're on a non-IT-managed device, you can install these through Settings > Windows Update > Advanced options > Optional updates. People also refer to this update as "C" or "D" release, but "optional non-security preview update" is now the preferred terminology. Finally, we have out-of-band (OOB) updates which can be released at any time, typically to fix a major issue or a security risk. OOB updates are also cumulative, and while some are highly recommended, others are optional. Enterprise customers can leverage their regular update management tools to deploy these releases. Outside of this, Microsoft also rolls out Windows 11 features via annual updates, monthly updates, and the Microsoft Store. The firm uses Controlled Feature Rollout (CFR) to stagger rollout, and for enterprise customers, capabilities managed via this technology are usually disabled by default. Regardless of update cadence, Microsoft has urged IT admins to keep their organization updated and secure, and also encouraged users to join the Windows Insider Program (WIP) if they want access to the latest Windows 11 features.
  • Recent Achievements

    • Dedicated
      BenTuckett1997 earned a badge
      Dedicated
    • One Month Later
      SRODERICK earned a badge
      One Month Later
    • Community Regular
      Case_f went up a rank
      Community Regular
    • One Month Later
      Jeroen Wilms earned a badge
      One Month Later
    • First Post
      BrianMunton earned a badge
      First Post
  • Popular Contributors

    1. 1
      +primortal
      399
    2. 2
      +Edouard
      153
    3. 3
      PsYcHoKiLLa
      129
    4. 4
      Nick H.
      87
    5. 5
      neufuse
      77
  • Tell a friend

    Love Neowin? Tell a friend!