U.S. KL users/UltraAV migration mess: tip

DISCLAIMERS:

This is offered SOLELY for informational purposes to assist (US) KL customers potentially impacted by KL’s cessation of US service and “migration” to UltraAV*.

I am NOT shilling for or defending KL or UltraAV, whose handling of this mess has been abysmal.

Nor am I – a longtime KL customer – here to bash KL.

I am merely a longtime KL user with a tip that MIGHT help to prevent your falling victim to the UltraAV forced-install problem or similar complications.

 

If this devolves into ANY sort of political or other non-productive ranting, I will ask the Moderators to immediately lock this thread.

 

TIP:

Log into your my.kaspersky.com account and “DISCONNECT” ALL YOUR DEVICES.

 

TL/DR:

I did not experience the UltraAV forced-install problem, perhaps because I proactively uninstalled KL software from my Windows PC and my mobile phone** before September 19th. And I confirmed that all of my KL subscriptions had expired. So, there was no active subscription to transfer or migrate.

BUT, all of my current devices were still listed as “connected” to my account at my.kaspersky.com.

So, for further protection against the infuriating possibility of a forced installation of this no-name AV product, it seems prudent to remove all traces of & connections to one’s devices at the my.kaspersky.com portal.

 

Alas, if you were an UltraAV forced-install victim, your only recourse may be to seek support from UltraAV.

 

*If you live outside the US, but were impacted by the UltraAV debacle, then KL explicitly confirms that you must be using a geo-located US license. This whole mess should NOT impact non-US customers with non-US licenses (it has always been the KL practice to geo-locate their software licenses).

 

**Mobile phones do not seem to be part of this mess, either. Digital River did offer me a few weeks ago a subscription to Bitdefender Mobile. But it was explicitly “opt-in” and I did not accept. I manually uninstalled KISA. And there has been no attempt to force-install Bitdefender on my Android phone.

 

REFERENCE:

https://www.bleepingcomputer.com/news/security/kaspersky-deletes-itself-installs-ultraav-antivirus-without-warning/

 

Update

Another important warning for US customers with KL subscriptions

Short version:
UltraAV/Pango apparently plans to (silently) auto-renew your subscription, even if you don't have their software, UNLESS you explicitly & proactively cancel.

TLDR:
Despite having proactively uninstalled KL software from PC, having disconnected all my devices from my KL account, **and** having replied in no uncertain terms to marketing emails from UltraAV/Pango, I continued to be hounded by the company offering me by unsolicited emails their products under my "subscription".

I sent them one, final email, using (shall we say) colorful language demanding that they cease & desist from marketing, emails, subscriptions, any further communication, and any attempts to sell, renew or install their software.

Imagine my surprise upon receiving yet another email notifying me that they had FINALLY "stopped auto-renew" on my "subscription".

"Pardon my French", but W T F.

It seems that, had I not sent that final "cease and desist" email, they fully intended to auto-renew my subscription and charge me for their software even though I was & am not using it.

So, if you think you are done with this predatory company, you may not be. If you had/have a valid KL subscription, UltraAV/Pango plans to take your money if you don't actively & explicitly tell them to
CANCEL AUTO-RENEW.

WOW. JUST WOW.

MoxieMomma:

 

Thank you for your posts.  I too am appalled that any reputable AV company would silently force-install another product without the explicit consent of their customer.  That Kaspersky would and did install UltraAV and then also share payment and customer information of US Kaspersky account holders to Pango without permission is simply unacceptable.

 

I migrated from Bitdefender Total Security to Kaspersky Premium in May.  I was very, very impressed with Kaspersky Premium.  It is excellent software, but when I learned what had been done to their US customers, I had to wonder, as a Canadian, what else Kaspersky could potentially download or do to their customers in other countries.  Last week, I disconnected all four of my devices from my Kaspersky account, which remains open for now (I purchased a two-year, five-seat subscription).  I purchased ESET Smart Security Premium (four seats, two years) a week ago.  I am very impressed with that product.

 

I have posted my views on the Kaspersky Forum last Saturday, but my topic has been ignored.  It appears to be "business as usual" at Kaspersky.

 

What they did was absolutely incredible.  I have to question their corporate ethics, not their nationality, so I would respectfully ask cryptodan to refrain from posting in your topic to express his oft-stated view that anyone who purchased any product from their country of origin got what they deserved.

 

The issue is corporate ethics.  I am certain that I will not be the only non-US customer to reconsider purchasing Kaspersky products in the future.  I wasted some money, but education is expensive.  I cannot support ANY company that would do what Kaspersky did.

 

As you would say, MoxieMomma, "that's just my two cents, . . . and worth less."

 

Thank you again for your posts.  Have a great day.

 

Regards,
Phil

Hi, Phil:

Thanks for your post.

I'd like to think that KL genuinely wanted to provide their customers with an alternative & they had few options. Moreover, KL was entitled to recoup some of the revenue lost from the US market. And KL did notify customers, albeit VERY poorly.

But the Pango "partnership" was badly executed. 99% of the blame lies with this unethical, predatory company, rather than KL. After all, KL had no control over Pango. Pango's silent, backdoor software installs without a proper, transparent opt-out procedure was and is unacceptable. Relentless unsolicited marketing emails are annoying. But planning to charge former KL customers for *Pango* subscription "auto-renewal" borders on criminal behavior. (I always bought standalone KL licenses from a large internet vendor, not directly through KL. So Pango would have no way to illicitly access *my* credit cards or bank accounts. But other former KL customers might not be so lucky.)

KL should have bowed out gracefully.
They unnecessarily damaged their reputation by partnering with Pango.

A sad & infuriating end to a sad saga.

MM

PS ESET has been fine, but it's not Kaspersky. Sigh.

MoxieMomma,

 

Indeed, ESET is not Kaspersky.  That was the most capable AV solution I have used since 1988 in the days of DOS 3.1!  Still, I think it is much better than Bitdefender.

 

That said, you, and others, might be interested in my experience today.  On Fridays, I run a Malwarebytes Premium scan of both of my computers.  Guess what: Even though I uninstalled Kaspersky via Add/Remove Programs, then rebooted, and then ran the KAVREMOVAL program, rebooted again multiple time since last Friday, today Malwarebytes found Kaspersky setup files in both computers in my "Program Data, Kaspersky" folders today.  I don't have Fast Startup enabled, and my computers are shut down every evening.  The Malwarebytes scans identified the files as: https://www.malwarebytes.com/blog/detections/malware-ai.  Prior to K's removal, I had exempted K from MBP scans to avoid conflicts.

 

I just did a Nirsoft RegScanner of my desktop registry this afternoon.  There are 178 Kaspersky registry entries, some dated later than the date I removed Kaspersky from my computer.  I have some cleaning to do!

 

When a company does what Kaspersky did, and is apparently still doing, that is highly unethical, IMHO.  Their removal tool should do just that: remove all traces of Kaspersky!  In my view, K is acting like malware.

 

You, and other former Kaspersky customers, might want to download the RegScanner program, and also check for a Kaspersky "Program Data" folder.

 

Have a great day.

 

Regards,
Phil

 

PS: Perhaps "Uncle Sam" was right: Kaspersky is not to be trusted.  I think I shall have to close my Kaspersky account sooner rather than later, but not before I post there on their Forums once more before I am banned and my posts deleted.  I really am embarrassed to admit that cryptodan might have been right! 

To conclude my saga with Kaspersky, last evening I tried to post in my topic there which had received no replies for almost a week, explaining my concerns as listed in paragraphs 2 to 4 in above post.  As soon as I hit the "POST" button, I was informed by a red popup notice that any reply would have to be approved by a Moderator.  I just came from visiting the Kaspersky Forums this afternoon.  My reply was never approved to be posted and my topic is locked.  That explains the lack of responses.  No one was able to post to my last Kaspersky topic without Moderator approval.

 

If anyone is interested, here is a link to a screen capture of my last successful post to the Kaspersky Forums that ran afoul of the Kaspersky Moderator: https://flic.kr/p/2qnf3KF.

 

I have just now deleted my Kaspersky account, NEVER to return.  Now I must clean up my computer of Kaspersky remnant files and registry entries.

 

Have a great day.

 

Regards,
Phil

Wow.

The wheels appear to have fallen off at KL, at least on the consumer software side.

What a shame, given the company's long history as one of the premier cybersecurity organizations.