Watch out for UltraAV Armor package

[The_Doc_Man]

A couple of years ago, about the autumn of 2024, the Kaspersky Anti-Virus and Internet Protection package became unavailable in the USA. Kaspersky advised its customers to look at Ultra A/V and Internet Security. When I followed the e-mail link, Ultra A/V installed itself, though I blocked it. I removed Kaspersky AND the remnants of Ultra A/V. I had evaluated UltraAV and other packages at the time and chose another source. On-line ratings for UltraAV were abysmal. To avoid a semblance of advertising, I will not reveal which package I installed. However, I can say that I have had no trouble since then... until I checked my credit card bill today.

I found a charge by UltraAV for $119.99 (US dollars) claiming to be an automatic renewal of a product I had never installed willingly. I checked my credit card statements for the last year and didn't have any other charges from UltraAV. When I went online, I found SEVERAL reports of people getting a "renewal fee" on their credit cards from UltraAV and most of them had other bad things to say about the product as well. I have filed a dispute with my credit card company and have sent an e-mail directly to UltraAV demanding that they unsubscribe me and reverse that charge.

My point in posting this is simple: IF you had a USA copy of Kaspersky A/V and were caught up in the original UltraAV foolishness - including involuntary installation - check your credit card that you used to originally purchase Kaspersky. See if UltraAV is proving why we SHOULDN'T use their product.

 

[KitaYama]

When I followed the e-mail link, Ultra A/V installed itself

Would you please explain how following a link in a mail, ends up to a software being installed? Didn't you select/click anything to download and install?
Thanks And happy new year.

I also don't understand why people still use third-party antivirus software, especially those who have good knowledge about PCs (like you or other experts here).
I haven't used antivirus since maybe since WinXP and have never been infected.
My rules when I sit in front of a PC:

• Never open .exe attachments in emails.
• Never access sites when Chrome tells me the site is unsafe.
• Don't install Flash.
• Install apps only from their official sites.
• During install processl, read every dialogue carefully if the app is free, to uncheck any optional files/apps they try to install.
• Don't click ads, even on trusted sites. If something's interesting, Google it and go to its official site via google.
• Keep Windows up to date.
• Have a clean image of the PC. In case of infection, it takes less than 20 minutes to go back to a clean version.

The only left threat is zero-day-threat, which I believe is the same for all, even those who use third party antivirus software.

By following above rules, Windows Defender has always been more than enough for me.
Have I been only lucky? (for not being infected)

Why no antivirus?
Because they’re resource-thirsty apps that treat my PC like an all-you-can-eat buffet.
I prefer my PC protected by myself rather than being slowly eaten alive by the protection itself.

---

 

[The_Doc_Man]

Would you please explain how following a link in a mail, ends up to a software being installed?

I can't tell you exactly HOW it was done, but do a Google search on "UltraAV auto installed." Regardless of how it was done, it happened. I believe it somehow got involved with Kaspersky uninstalling itself and replacing it with UltraAV. An e-mail seemed to be the trigger. Or one of the triggers. But as to how it happened?

Have you never heard of computers getting whacked by malware for following a malicious link? One of my fellow sys admins at the Navy went to the New York Times on the Web site and opened an article about a new Congressional investigation. But it had been hacked and redirected and suddenly there was a massive download of sexually oriented articles. Since I chose to NOT study the course on being an Ethical Windows Hacker, I can't tell you the mechanism, but I have seen it happen. It took our IT people two days to clean out my friend's computer and I can't tell you how many files he lost.

I also don't understand why people still use third-party antivirus software, especially those who have good knowledge about PCs

Because to be thorough, If I am taking personal and direct responsibility to keep my system safe, I have to keep up with literally a thousand or more CVE reports (computer vulnerability and exposures) per year, and each of those CVE reports applies to more than one computer at my home. Excuse me, but if I have to do that to protect my computer, my wife's computer, and our going-on-vacation laptop vs. taking away my personal time to manage a system in a way to avoid triple exposure, I might actually do that commercially.

But let me ask the question this way. When I want to create certain types of documents, why do I buy a license for Office when I surely have the programming acumen to build my own utility? And of course, if I want it efficient, then maybe I would buy a code compiler or assembler. But then I could build one of those myself, too. Then why don't I do that?

Perhaps because - like everyone does when in the world of work - we trade our time for that bit of money called a salary. And when we get home, we trade a bit of that salary so as to NOT have to continuously roll our own software from the ground up. Why does ANYONE buy rather than build? Because when you balance your time to build something vs. the monetary value of your time to build that something, it is cheaper to purchase.

KitaYama, I wrote that paragraph in a matter-of-fact style so it might come across as a little bit blunt. It was NOT intended as a personal attack. Your society might look at this differently, but I have to ask. Has there NEVER been a project in your life for which you hired someone to do it rather than do it yourself. Have you EVER hired a plumber, electrician, or carpenter for home repair? Have you ever tried to build your own road-compliant vehicle? Just open your horizons to non-computer situations and you will see that part of the problem is that we simply CANNOT be experts in everything. And given the complexity of the threats out there right now, I'm not up on all of the issues I would need to completely protect my machine. So I see a product from the supposed experts in the business. And I use my expertise to evaluate the product offerings. And when I'm done, I purchase a 3rd party solution.

 

[The_Doc_Man]

And now a pleasant report. When I sent an e-mail to UltraAV about this incident, they responded favorably by cancelling my subscription (which must have been left over from their alliance with Kaspersky.) They said it would take them 5-10 business days to reverse the charges, but they promised to do so. I will give them a chance to make it right before escalating it any farther.

 

[KitaYama]

KitaYama, I wrote that paragraph in a matter-of-fact style so it might come across as a little bit blunt. It was NOT intended as a personal attack

I never take any comment as a personal attack, specially from you. I asked a question, and you simply described your side of story. That's all.
And thanks for the detailed reply.

 

[KitaYama]

When I want to create certain types of documents, why do I buy a license for Office when I surely have the programming acumen to build my own utility?

Not arguing, but you didn't get the point. I didn't say write your own antivirus.I also didn't mean you be your own plumber. I said when you have a plumber at home, why calling someone else.
Windows come with Windows Defender. I asked why using a third party app. My question was why turning off Windows defender and going to another app.

I wasn't criticizing you or others. As I said you and others understand better than me. I wanted to see the reasons you chose Kasperkey over Windows Defender.

 

[Joan Wild]

I haven't used antivirus since maybe since WinXP and have never been infected....

Windows Defender has always been more than enough for me.

FYI, Windows Defender IS an antivirus, among other things.

 

[The_Doc_Man]

I wanted to see the reasons you chose Kasperkey over Windows Defender.

Fair enough. I may have misunderstood the intended scope of your question.

Originally, when I chose Kaspersky, it was approved for use on USA government computers. Knowing how exacting the government was, I knew if it could pass their tests, it was good. And in that context, the recommended product from the U.S. Navy was a tossup between Kaspersky and two other products I don't recall at the moment.

However, different political groups decided they couldn't trust Kaspersky because it was Russian-made and the Russian hackers had just pulled off the Solar Winds/Orion hack that affected literally thousands of government computers. Kaspersky became persona non grata... well, ... automata non grata. The government solution was to ban the sale of Kaspersky in the USA. Which meant I HAD to change A/V packages, even though I was now retired and not likely to deal with government files any more from at home.

Once I realized that Kaspersky was not going to be viable for future use, I went online and did a "features" comparison among perhaps about a dozen products. Desirable features included scheduling downloads of updates, the ability to easily allow or disallow certain sources, and the ability to do precisely targeted "spot scans" of files on alternate devices. I could schedule background-mode full or quick scans at specific times on specific days to match my work patterns. There was also the matter of having logs available to see what exactly was triggered. I had my CompTIA Security+ textbook handy and got a list of features that became part of the list of "desirable abilities." Kaspersky, if it had remained available, would have passed the test with about 95% score. Defender was lower. The one I eventually chose was also about 95%.

Defender was passable. UltraAV, at the time, was unacceptable in features and in reliability. For example, I found cases where UltraAV actually crashed computers during background scans. At the time, my choice seemed logical and viable. The cost compared favorably with Kaspersky. If I recall correctly, one other package would have passed at about 90% but its online reviews indicated that it had an awkward control panel when compared to my choice (and when compared to Kaspersky.) Defender didn't seem as feature-rich and its signature updates seemed limited. So I rejected Defender as doing a lesser job than a couple of other packages.

 

[GPGeorge]

There are very, very few black and white decisions. I well recall the contretemps surrounding Kaspersky. For a while I used other Anti-virus tools, but eventually, it seemed that Microsoft's Defender became good enough and easy enough and ubiquitous enough to decide maintaining a separate tool wasn't worth the extra bother any longer.

I guess, though, it's reasonable to revisit such decisions from time to time to reassure oneself circumstances haven't changed enough to warrant a new choice.

 

[The_Doc_Man]

I guess, though, it's reasonable to revisit such decisions from time to time to reassure oneself circumstances haven't changed enough to warrant a new choice.

True enough - but the contretemps regarding Kaspersky came to a head in September of 2024, so my review and comparison of the available products was less than 18 months ago. "From time to time" makes perfect sense. But the evaluation for me occurred recently enough that "time to time" hasn't reached the next evaluation time.

 

[AccessBlaster]

As KitaYama pointed out earlier, third-party solutions tend to be resource hogs and will sometimes crash your system. The cost and the constant nagging are additional reasons I avoid them. Lastly, if your solution relies on detecting virus “signatures,” you’re wasting your money, because new variants aren’t registered yet.

 

[The_Doc_Man]

Which is why "heuristics" and "behavior patterns" and selective memory protection features are also in the list of desirable abilities. AB, I'm well aware that zero-day attacks exist, long before a signature becomes available. That was true and well-known 15-20 years ago. In order for Windows Defender to do everything that the commercial packages do, it would have to be as big as the other packages. It would have to be as intrusive as the other packages.

 

[AccessBlaster]

The only real defense is a clean system image stored on a removable.

 

[KitaYama]

FYI, Windows Defender IS an antivirus, among other things.

I meant third party antivirus. I think it was obvious.

 

[The_Doc_Man]

Oddly enough, in that context, Windows Defender is NOT a 3rd-party A/V package. It is a 2nd-party package, as it is bundled with Windows.

You, as the buyer, are the party of the 1st part. MS is the party of the 2nd part. And a non-MS A/V package would be of the third part. But that is just splitting hairs and picking nits.

 

[KitaYama]

Oddly enough, in that context, Windows Defender is NOT a 3rd-party A/V package.

I think one of my difficulties with English is forgetting how different our language is from yours. The way we communicate differs greatly from how native English speakers express themselves. In our language, we often omit large parts of a sentence because the structure makes the meaning clear. In English, however, this works differently.

Comment addressed to me:

FYI, Windows Defender IS an antivirus, among other things.

My response to above comment:

I meant third party antivirus. I think it was obvious.

By above response I meant :
I know Windows Defender is an antivirus. When I said I don't use antivirus, I meant I don't use third party antivirus apps.

I didn't mean Windows Defender is third party app.

 

[The_Doc_Man]

In our language, we often omit large parts of a sentence because the structure makes the meaning clear. In English, however, this works differently.

I will be the first to admit that English very commonly omits something necessary for clear understanding. Since English has borrowed words from MANY other languages and ends up with insanely complex linguistic structures, I am not at all surprised that you are confused with it. The only thing I can think of that would make English worse is to retain all English words including the borrowed cognates but require German word order.

I'm 77 years old, have spoken English as my primary language since I could talk, and have studied the structures of other languages. my biggest point of surprise is that any of us can communicate with each other at all. What is it that our British friends say occasionally? That we are two people separated by a common language.

Isn't language FUN? Sometimes, our best response is to laugh at our own linguistic inaccuracy.