Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

What Is Ultra AV, and Why Did it Show Up On My Machine?

International politics playing out on your desktop.

If you've suddenly found an unfamiliar antivirus program running on your computer, you're not alone.
Ultra AV home page.
(Screenshot: askleo.com)

Some people suddenly have an anti-virus tool they don’t recognize and have never heard of.

Honestly, with little notice, it almost sounds like malware. It’s not. I think.

Here’s what happened and what I recommend you do.

Become a Patron of Ask Leo! and go ad-free!

TL;DR:

Kasperskey gave you Ultra AV

Kaspersky users in the U.S. unexpectedly found their antivirus program replaced by Ultra AV because of a government ban. Ultra AV is, as best I can tell, mediocre and unfamiliar. Kaspersky’s actions lack transparency and could have been handled better. I recommend you uninstall both Kaspersky and Ultra AV. Rely on Windows Security or choose a more trusted and recognizable alternative.

You were running Kaspersky

The common thread here is that you were almost certainly running the Kaspersky Antivirus program, and it has now been replaced by Ultra AV.

As reported previously, Kaspersky was banned in the United States earlier this year; the deadline was the end of September 2024. After that, you could not download the program and existing installations could no longer update the program or the database of malware definitions.

The ban essentially rendered Kaspersky’s tools impotent.

Kaspersky’s action

As the deadline drew nearer, anyone with Kaspersky still installed found that it had been replaced by Ultra AV.

Kaspersky apparently worked out a deal with Ultra AV, and the program was transparently replaced without asking. The stated goal was to ensure that your machine continued to have malware protection after Kaspersky could no longer provide the service.

That’s a laudible goal, but the execution leaves much to be desired.

Is Ultra AV any good?

Well, at least it’s not malware.

The reviews of the product I’ve seen are “meh”. It’s apparently not horrible but not great. “Middle of the road” would, I suppose, be an appropriate description.

More concerning to me is that I (and apparently many others) had never heard of Ultra AV until this happened. Honestly, I don’t find that encouraging at all. I know everyone has to start somewhere, but to have a relatively unknown security program suddenly take the place of a formerly respected tool feels underhanded and suspicious.

It’s unclear when you’ll have to start paying for Ultra AV. Ideally it wouldn’t be until your Kaspersky subscription ends but we’re not sure. There have also been reports that that it also installs its VPN and identity protection component, without asking.

It reflects poorly on the tool, no matter how good it might be.

What Kaspersky should have done

In my mind, Kaspersky should have done something along these lines.

  • Established a relationship with a top-tier U.S. security package. Yes, this would mean reaching out to their direct competitors.
  • Ideally, that relationship would have involved the new entity taking on the existing subscriptions and terms of Kaspersky customers affected.
  • Told their users what was going on.
  • Given their users enough warning.
  • Given their users a choice. Ultra AV could have been one, I suppose.
  • Informed their users what would happen if they did nothing. Presumably, this would have resulted in the scenario we see today except with informed consent.

In other words, they could have been much more open and professional about the entire process. As it is, it feels like Kaspersky is leaving the US market with a big “screw you” as the message. It might not be their intent, but it certainly feels that way.

And it’s tarnished their reputation. If they care.

Do this

So, what should you do? Decide for yourself.

You could certainly do nothing and keep Ultra AV. It’s OK, best I can tell.

In your shoes, however, I would do the following.

  • Uninstall anything left of Kaspersky. (Possibly aggressively using a tool like Revo Uninstaller; Kaspersky has lost much of my trust because of all this.)
  • Uninstall Ultra AV.
  • Let Windows Security take over the job. It’s already on your machine, and it’ll step in if no other security solution is present.

If Windows Security isn’t your thing, there are plenty of fine alternatives out there — alternatives that are not only highly rated but programs you’ve actually heard of.

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

Podcast audio

Play

4 comments on “What Is Ultra AV, and Why Did it Show Up On My Machine?”

  1. In Canada, Kaspersky’s actions fall under Canada’s Anti-Spam Legislation. It is illegal to install software on someone’s computer without their consent. If this happened to any Canadians, they could raise a complaint with the CRTC. If the CRTC investigates and confirms it, the person/business doing it could be fined. Of course if the offender is not resident in Canada, there’s not much the CRTC can do to you.

    Reply
  2. The one thing Kaspersky’s final action, following the U.S. ban has shown me, is that my decision to not use their software on any of my computers, after Russia invaded, and took possession of Crimea, was correct. Around that time, I decided that I’d not use any software developed by any company based in Russia, not because of where the company’s located, but because I have/had no trust in the ethics of Russia’s government. The fact that the U.S.A., several years later, took a similar direction, only serves to confirm the validity of my initial instincts.

    I take a similar attitude with software developed in China, for similar reasons. Let’s face it, we have no reason to trust in the ethics of these two governments (Russia, and China), or that any companies based there would warn users if anything unscrupulous was going on. For that reason, I don’t use TikTok on any of my computers, in fact, I don’t even watch TikTok videos on Facebook.

    As a U.S. citizen, who believes in freedom of choice, these are the decisions I’ve made for myself, and my reasons for making them. Depending on where you live, or the political decisions you’ve made, your choices may differ. That’s another result of freedom of choice at work, and is as it should be. The only thing I ask is that you consider what I’ve said here as you make up your mind about whose software you’ll install on your computers.

    Ernie (Oldster)

    Reply
  3. Trust a Russian or Chinese to keep you safe…apparently not.
    I have been using Microsoft Defender for the last many years (free) …Works fine,
    and does not rely on constant scare pop ups that some other free services use.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.