Search the Community

Thanks for the quick response and solution. I checked the website for any other, jist now it has been marked with CRDF also, any recommendations here and how you chekc if the website is not flagged by any other. Thanks and regards

Thank you very much for your quick response

Hello there. I was making a thread to list a few changes and possibly bugs to Kaspersky Standard 21.17 transition to 21.18 and now you've mentioned scan/verify files quick menu using mouse cursor no longer exist have made open my eyes. Going have to edit my thread about this. And thanks for sharing this finding.

Sorry for not answering timely. l don't have wifi or permanent internet access. 1. lt's 24.6.0.1874 (64-bit) 2. lt's 1.3.7.1 3. Yes 4. l installed it once upon a time from extension store iirc. l don't remember. lt became problematic recently. lt didn't give warnings before. 5. l can not get it to show me the warning now. lt is undeleteable though. l just deleted another extension and its gone but adlesse comes back. l open extensions folder in AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions and its folder literally manifest itself right in front of my eyes as i launch the browser.

Hello @megala, Welcome! It's not necessarily a matter of 'better or worse', it's personal choice. About protection through hardware virtualization in Kaspersky applications. About protection using hardware virtualization. About protection of data entered on the computer keyboard. Thank you? Flood?+?

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. In cases when you need to diagnose an intermittent network issue, or capture an event that occurs only once in a while, you may need to use ring-buffer mode in Wireshark. In this mode, the number and overall size of the capture files will be fixed and when the limit will be reached, the newest data will start continuously overwrite the oldest data in the capture buffer. Below, you will find instructions for how to configure this capture mode: Download and install Wireshark from the official website, if you have not done that already. Launch Wireshark and click Capture options. On the Input tab, uncheck option Enable promiscuous mode on all interfaces and select interfaces from which you want to capture traffic. If you are not sure which ones to select, look at the graphs in the Traffic column to determine which interfaces are active and select all of them. If you are completely lost, you can also select all interfaces. On the Output tab you configure where the resulting files will be saved, the ring buffer capture is also configured here. It's a good idea to create a separate folder to store the capture files. The screenshot below shows optimal configuration for the capture settings. Note that the space occupied by the capture files will be equal to the size of a single capture file multiplied by the number of files in the ring buffer. In our example it's 500 MB * 8 = 4000 MB, which is the optimal size to upload to Company Account portal. You can modify these parameters to allocate more or less space for the capture files, though we don't recommend making it less than 2 GB. Use of compression is optional. With it, more data can be stored within the same file size, but it also can increase load on the CPU. Disable this option in case of performance problems. When everything is configured, click Start to start the capture. Please, pay attention that when capturing traffic in the ring buffer mode, it's very important to monitor for the occurrence of the event that you need to record and disable capture as soon as possible after the event has occurred, otherwise the relevant part of the capture may be overwritten. The timing is especially important, when using smaller sizes of the buffer. When the capture is finished, click Stop capturing packets, then Close this capture file. Pack the resulting files into an archive and upload it to your Company Account.

I have kaspersky premium given to me but I'm not the account owner. I have read a couple of threads on here and some of the documentation. But it remains a little unclear and vague. What can the account owner specifically access on my device? What can they specifically see? What can they specifically do? Can I please get clear definitive answer please? For example: -can they see file list, names and paths? -can they see other devices and hardware connected? Think a PC running kaspersky with connected external drive, camera, network PC and so forth. -can they see logins and passwords using the password manager? In a thread I saw someone say no, but the official documentation for shared accounts in password manager data sync seems to indicate yes? -can they see what programs or software is installed? -can they see optimization suggestions, PC startup suggestions and so on that premium shows the user? -can they see what identity searches were done or what identities are being protected? A privacy protection function of premium that shows the user if their data has been leaked elsewhere -can they see vault and content? -can they see safe kids users, when accessed and so forth? -can they run quick scan? Full scan? If yes, in the results of these, can they see any of the above? What if the scan shows an issue or infection can they then see any of the above? -can they see what modules are not installed or used? Eg VPN, password manager. And can they enable it remotely anyway? -can they update the signatures DB? -what else can they do? -what else can they see?

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. There is an example of a step-by-step instruction to configure Single-Sign-On (SSO) for KATA 4.1/5+/6+ into HOME.LAB domain. Prerequisites Deployed Central Node Server Name should be FQDN. (In current case FQDN name of Central Node - kata-cn.home.lab) It can be checked via Settings/Network Settings of Central Node. A and PTR record should be set for Central Node in DNS. Domain User Account should be created to set up Kerberos authentication by means of keytab file (in current case Domain User Account is kata-sign-on). AES256-SHA1 encryption algorithm should be enabled into created Domain User Account. Step-by-step guide to create keytab file On Domain Controller: Launch CMD As Administrator Execute the following command to create keytab file C:\Windows\system32\ktpass.exe -princ HTTP/kata-cn.home.lab@HOME.LAB -mapuser kata-sing-on@HOME.LAB -crypto AES256-SHA1 -ptype KRB5_NT_PRINCIPAL -pass * +dumpsalt -out C:\TEMP\kata-sgn-on.keytab The utility requests the kata-sign-on user password when executing the command. The SPN of the selected server is added to the created keytab file. The generated salt is displayed on the screen: Hashing password with salt "<hash value>" For multiple Central Node servers you need to save "<hash value>" of hashing password to add an SPN for each subsequent Central Node servers further using ktpass.exe utility. On Central Node Web Interface Move to Settings/Users/Active Directory Integration Add the created keytab file: Keytab file status section contains File which contains SPN for this server The file contains section HTTP/*****@*****.tld Under Users tab click Add and select Domain user account. Set domain user as <username>@<domain> On client machine Host should be joined to the same domain. Domain user should be logged in with account added into the Central Node. Open Control Panel/Internet Options Click on Security and select Local Intranet Click on Sites and then on Advanced Add FQDN of central node - kata-cn.home.lab Close windows: Launch Web Browser and access to Web Interface of the Central Node https://kata-cn.home.lab:8443 and it should be opened without asking any Login/Password.

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. This instruction is relevant only in case of troubleshooting incorrect loading or rendering of a web page. In order to troubleshoot issues KES network traffic related issues traffic dump is required. It is easier to analyze and does not require third-party software installation. If reproduction of the issue requires the web browser to open web pages(such as web control non-working as expected, web page not loading, and so on), the tests should be performed in Incognito mode(also known as private browsing). Chrome browser: Ctrl+Shift+N or you can start browser from terminal: & "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -incognito . Starting application from terminal will make launch key visible in traces and make diagnostic easier. Firefox browser: Ctrl+Shift+P or you can start browser from terminal: & "C:\Program Files\Mozilla Firefox\firefox.exe" -private-window . Starting application from terminal will make launch key visible in traces and make diagnostic easier. Microsoft Edge: Ctrl+Shift+P Opera browser: Ctrl+Shift+N KES11/12 Instructions Disable KES11/12 Self-defense Navigate to the following registry key: x86: HKLM\SOFTWARE\KasperskyLab\protected\KES<Build version>\environment\ x64: HKLM\SOFTWARE\Wow6432Node\KasperskyLab\protected\KES<Build version>\environment\ Create a string type value named DumpNetworkTraffic : DumpNetworkTraffic = (REG_SZ)"1" Restart the product or reboot the host Traffic dump files will be saved to %ProgramData%\Kaspersky Lab\KES<Build version>\Data\traffic Once the issue is reproduced compress the whole traffic directory Do not forget to disable traffic dump collection. To do so delete DumpNetworkTraffic value.Then restart the product or reboot the host.

Once again I answer my own questions because I am too quick to post. After literally 5 minutes of research, I was able to find out that Kaspersky's drivers are indeed running as ELAM (Early Launch Anti-Malware) drivers: Probably obvious, but I wanted to make sure. And now anyone with the same question knows as well.

Hi there, There is a file called d5_launcher.exe in our software, and we used Kaspersky/OpenTip to scan this file, the result is safe and clean. However, sometimes when using our software D5 Render (a 3d rendering program for architecture, based on UE5), Kaspersky will suddenly start warning and deleting our file d5_launcher.exe. It said the file is Trojan.Win32.Generic. ( we did some searches, and maybe it is related to our keyboard shortcuts? The problem is that we cannot let all users to click Trust the file manually, which is inconvenient. So I'd like to ask you guys, is there a way to upload our files before we release our updates? so Kaspersky will trust those files and do not affect our users from using D5 Render. ( Avast and some other AV software provide us an address in FTP to upload files, and we upload files before we release a new version each time) Thanks in advance!

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials. This article is about Kaspersky Endpoint Security for Windows (KES for Windows) aescrypt.zip and TestProgExp.zip can be found here. Remote encryption test This test requires two participating workstations: an Attacker PC and a Victim PC. Behavior Detection component has to be configured on a Victim PC to detect malware activity, protect shared folders and block connections on detection of external encryption. Step-by-step guide On a Victim PC create folder with regular office-like files: *.DOC, *.DOCX, *.XLX, *.JPG Share folder on the Victim PC, ensure that the account logged on to the Attacker PC has full access to the shared folder. Map the shared folder as a network drive on the Attacker PC. Add/unpack the aescrypt.zip archive to the Attacker PC. Add contents to the list.txt file, based on the files in a mapped folder. Since the folder is mapped, paths will look like local ones, eg. Z:\Book1.xlsx. Use the contents of file example-list.txt as an example: On an Attacker PC, launch test.bat file to start encrypting files from list.txt . Behavior Detection in KES on the Victim PC will detect the attempt and will try to perform a rollback. Full access to a share on Victim PC for an Attacker PC will be blocked (if specified in KES policy). File restoring event is logged on a protected workstation Access to a folder is blocked from an attacker's point of view Local encryption test Step-by-step guide Prepare a folder with files to get encrypted, perform tests on files *.DOC, *.DOCX, *.XLX, *.JPG. Add/unpack to this folder the attached TestProgExp.zip utility. Launch TestProgExp utility to start the encryption. Files will be encrypted in a folder with test utility Allow some time for Behavior Detection in KES to detect the attempt and perform the rollback, as well as get rid of the suspicious software: Files get restored

Добавьте пожалуйста шорт каты https://ru.wikipedia.org/wiki/Сочетание_клавиш keyboard shortcut, quick key, access key, hot key Сворачивание программы в трей, сворачивание программы в панель задач, закрытие (выход из программы, с завершением процесса и службы), блокировку базы, создание новой карточки, редактирование уже существующей карточки, листание разных учёток в одной карточке, создание новой "группы", открытие настроек, синхронизацию, копирование значений из полей user name, password,переход к определенной группе "аккаунты/банковские карты/заметки/документы/" Раздельные горячие клавиши для копирование значения из поля "логин" в буфер обмена и отдельной клавиши для копирования значения из поля "пароль" (не ctrl+c) в буфер обмена. Нужно для того чтобы можно было alt+tab'абаться между программой и менеджером паролей. И копировать конкретное поле сразу, а не водить мышкой. например открыл steam чтобы залогиниться atl+tab, появилось окно менеджера ctrl+f, вод пары символов для поиска, из активной карточки (если нужная карточка не активна, "активируешь её стрелочками") нажимаешь ctrl+z (копировал в буфер логин), alt+tab открылось окно ввода в стим ctrl+v, alt+tab ctrl+x (копировал в буфер пароль) alt+tab ctrl+v. можете даже их за хардкодить, без возможности что-то настроить не нужно отвечать на моё предложение формулировкой "функция мало востребованная, маловероятно добавим", это нужно было сделать много лет назад ещё до запроса от пользователей, простите меня конечно, но программе больше 12 лет, и в ней всё ещё нету базовых вещей. За двенадцать лет можно было уже и с дистрибутивом под линукса определиться, и обеспечивать работу только на одном конкретном дистрибутиве. Почему такие простые вещие нужно выпрашивать у разработчика который претендует на место среди лидеров рынка?

Hello @Wesly.Zhang, 100%. We raised an incident, the TS agent said it cannot be disabled, the TS Supervisor said it cannot be disabled, they also sent it to HQ, the HQ experts said it cannot be disabled. HQ response in total was: quote On-screen keyboard is not a component that can be disabled, it is additional feature that customer can launch (or not) via hotkey combination. Hotkey combination can be disable opening on-screen keyboard feature in Settings - Additional - uncheck option "Open On-Screen keyboard by typing CTRL+SHIFT+ALT+P". end quote Unchecking the hotkey sequence does not disable On-screen/virtual keyboard. Why? Because it’s impossible to do so. There is no disable On-screen/virtual keyboard option in any of Kaspersky’s home AV. Have you found a way to disable On-screen/virtual keyboard, (apart from a registry hack) @Wesly.Zhang ? Thank you🙏 Flood🐳+🐋

Harlan thank you for quick responses, i sent you files, please check your inbox.

Hello I can launch the rescue disk from the USB thumbstick but when I try to launch the Kasperky Rescue Tool it will not launch, nothing happens. I tried to double click the icon and also right click then execute but nothing happens. I tried from the limited graphic mode option also and the same result. The only thing I can do from the GUI is restart it. I attached the hardware information file to this thread. My aim was to scan UEFI for any embedded malware or rootkits. Also I have Kaspersky AV is that sufficient enough to scan UEFI for malware or rootkits? Forgot to mention getting these errors in popup boxes: plugin “Date Time” unexpectedly left panel plugin “Keyboard Layouts” unexpectedly left panel plugin “CPU Graph” unexpectedly left the panel Also I was able to launch the USB from another PC and it had me accept a EULA agreement. The computer I can’t launch it from did not have the EULA agreement on the screen… maybe its a resolution issue and the EULA is not on the screen for me to accept. Only thing I can think of is to disable my Video card in EUFI and plug directly into the integrated graphics port...unless there is another way to change resolution on the fly without me disabling my graphics card…. ??? Thanks for any help.

Hello @George Whittle, Welcome! Read: Turn off/on automatic display of the onscreen keyboard - it needs to be *unchecked* Thank you? Flood?+?

Simple. In my case, switching between languages is done with Ctrl+Fn+F12 and Ctrl+Fn+F5 when you are on the main screen of Kaspersky Standard. (The official advice from Kaspersky was Ctrl+F12 and Ctrl+F5, but for my keyboard an additional "Fn" press was required). Please try this.

Hello @S.E., Welcome! Uncheck the options (you) require in: Secure Data Input settings - image 1 OR Add an exclusion for specific websites, see image 1 above & image 2 below Result: Any issues or concerns please post back? Thank you? Flood?+? Resource: How to configure protection of data entered on the computer keyboard

Hello @KIS21User, Welcome back! 1. Don't be frightened! 2. Spinme is shipped with the Touchpal default keyboard. 3. IF you haven't already -> back up the phone: contacts, sms, calendars, whatever you consider important! 4. Disable the TouchPal keyboard and replace it with the Gboard – the Google Keyboard app, follow the steps below: Open the phone Settings menu. Tap on Settings Scroll thru to find Apps or Apps manager. Tap on Apps, or App Manager. Find and tap on TouchPal. The Apps screen with all the installed apps will open. Scroll thru until you find the TouchPal app. Tap on Touchpal to open TouchPal Details Select Force Stop -> allow it to STOP. Select Uninstall -> allow the uninstall to complete. At that point Google Keyboard should have replaced Touchpal? Shutdown, power OFF, the phone, leave it OFF for 3 minutes. Power ON, login. Check if the Spinme issue is resolved? Yes? Excellent, work, well done? No?, IF KIS is a Premium subscription, not Free, Beta, or Trial, please contact Support, on the support page, select either Chat or Email, then fill in Malware, I suspect my device is infected; Support may request logs, traces & other data; they will guide you. Please share the outcome with the Community, when it's available? Regarding: Is there a chance Kaspersky for Android will receive an update that erases this thing? The distributors of the patches for Touchpal should not be distributing "dirty' patches. And maybe preventing TouchPal from downloading unwanted apps in the future? IF you log the case with Support, you may wish to discuss this with them. Thank you? Flood?+?

I appreciate your quick support and response. Thank you so much

Thank you for quick reply. I am waiting for result from your team

[code] System: Kernel: 5.15.0-57-generic x86_64 bits: 64 compiler: gcc v: 11.3.0 Desktop: Cinnamon 5.6.5 tk: GTK 3.24.33 wm: muffin dm: LightDM Distro: Linux Mint 21.1 Vera base: Ubuntu 22.04 jammy Machine: Type: Desktop System: Micro-Star product: MS-7D42 v: 1.0 serial: <superuser required> Mobo: Micro-Star model: MAG B660M MORTAR WIFI DDR4 (MS-7D42) v: 1.0 serial: <superuser required> UEFI: American Megatrends LLC. v: 1.40 date: 05/19/2022 Battery: Device-1: hidpp_battery_0 model: Logitech Wireless Mouse serial: <filter> charge: 55% (should be ignored) status: Discharging Device-2: hidpp_battery_1 model: Logitech Wireless Keyboard serial: <filter> charge: 55% (should be ignored) status: Discharging CPU: Info: quad core model: 12th Gen Intel Core i3-12100 bits: 64 type: MT MCP arch: Alder Lake rev: 5 cache: L1: 320 KiB L2: 5 MiB L3: 12 MiB Speed (MHz): avg: 4183 high: 4286 min/max: 800/5500 cores: 1: 4286 2: 4251 3: 4178 4: 4136 5: 4138 6: 4105 7: 4251 8: 4125 bogomips: 52838 Flags: avx avx2 ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx Graphics: Device-1: Intel vendor: Micro-Star MSI driver: i915 v: kernel ports: active: HDMI-A-1 empty: DP-1, DP-2, HDMI-A-2, HDMI-A-3, HDMI-A-4 bus-ID: 00:02.0 chip-ID: 8086:4692 Display: x11 server: X.Org v: 1.21.1.3 driver: X: loaded: modesetting unloaded: fbdev,vesa gpu: i915 display-ID: :0 screens: 1 Screen-1: 0 s-res: 1920x1080 s-dpi: 96 Monitor-1: HDMI-1 mapped: HDMI-A-1 model: LG (GoldStar) W2363D res: 1920x1080 dpi: 96 diag: 587mm (23.1") OpenGL: renderer: Mesa Intel Graphics (ADL-S GT1) v: 4.6 Mesa 22.0.5 direct render: Yes Audio: Device-1: Intel vendor: Micro-Star MSI driver: snd_hda_intel v: kernel bus-ID: 00:1f.3 chip-ID: 8086:7ad0 Sound Server-1: ALSA v: k5.15.0-57-generic running: yes Sound Server-2: PulseAudio v: 15.99.1 running: yes Sound Server-3: PipeWire v: 0.3.48 running: yes Network: Device-1: Intel driver: iwlwifi v: kernel port: N/A bus-ID: 00:14.3 chip-ID: 8086:7af0 IF: wlo1 state: down mac: <filter> Device-2: Realtek RTL8125 2.5GbE vendor: Micro-Star MSI driver: r8169 v: kernel pcie: speed: 5 GT/s lanes: 1 port: 4000 bus-ID: 03:00.0 chip-ID: 10ec:8125 IF: enp3s0 state: up speed: 100 Mbps duplex: full mac: <filter> Bluetooth: Device-1: Intel type: USB driver: btusb v: 0.8 bus-ID: 1-14:7 chip-ID: 8087:0033 Report: hciconfig ID: hci0 rfk-id: 0 state: up address: <filter> Drives: Local Storage: total: 589.69 GiB used: 14.44 GiB (2.4%) ID-1: /dev/nvme0n1 vendor: Kingston model: SKC3000S512G size: 476.94 GiB speed: 63.2 Gb/s lanes: 4 serial: <filter> temp: 23.9 C ID-2: /dev/sda vendor: A-Data model: SU650NS38 size: 111.79 GiB speed: 6.0 Gb/s serial: <filter> ID-3: /dev/sdb type: USB vendor: Silicon Power model: silicon -power size: 983 MiB serial: <filter> Partition: ID-1: / size: 237.08 GiB used: 14.41 GiB (6.1%) fs: ext4 dev: /dev/nvme0n1p5 ID-2: /boot/efi size: 95 MiB used: 30.2 MiB (31.8%) fs: vfat dev: /dev/nvme0n1p2 Swap: ID-1: swap-1 type: file size: 2 GiB used: 0 KiB (0.0%) priority: -2 file: /swapfile USB: Hub-1: 1-0:1 info: Hi-speed hub with single TT ports: 16 rev: 2.0 speed: 480 Mb/s chip-ID: 1d6b:0002 Device-1: 1-2:2 info: Micro Star MYSTIC LIGHT type: HID driver: hid-generic,usbhid rev: 1.1 speed: 12 Mb/s chip-ID: 1462:7d42 Hub-2: 1-3:3 info: Genesys Logic Hub ports: 4 rev: 2.1 speed: 480 Mb/s chip-ID: 05e3:0610 Device-1: 1-3.4:5 info: Kingston PS2232 flash drive controller type: Mass Storage driver: usb-storage rev: 2.0 speed: 480 Mb/s chip-ID: 13fe:1f23 Device-2: 1-8:4 info: Logitech Unifying Receiver type: Keyboard,Mouse driver: logitech-djreceiver,usbhid rev: 2.0 speed: 12 Mb/s chip-ID: 046d:c534 Hub-3: 1-11:6 info: Genesys Logic Hub ports: 4 rev: 2.0 speed: 480 Mb/s chip-ID: 05e3:0608 Device-1: 1-14:7 info: Intel type: Bluetooth driver: btusb rev: 2.0 speed: 12 Mb/s chip-ID: 8087:0033 Hub-4: 2-0:1 info: Super-speed hub ports: 9 rev: 3.1 speed: 20 Gb/s chip-ID: 1d6b:0003 Hub-5: 2-2:2 info: Genesys Logic USB3.2 Hub ports: 4 rev: 3.2 speed: 10 Gb/s chip-ID: 05e3:0625 Sensors: System Temperatures: cpu: 27.8 C mobo: N/A Fan Speeds (RPM): N/A Repos: Packages: apt: 2632 No active apt repos in: /etc/apt/sources.list Active apt repos in: /etc/apt/sources.list.d/official-package-repositories.list 1: deb http: //mirrors.powernet.com.ru/mint/packages vera main upstream import backport 2: deb http: //mirror.docker.ru/ubuntu jammy main restricted universe multiverse 3: deb http: //mirror.docker.ru/ubuntu jammy-updates main restricted universe multiverse 4: deb http: //mirror.docker.ru/ubuntu jammy-backports main restricted universe multiverse 5: deb http: //security.ubuntu.com/ubuntu/ jammy-security main restricted universe multiverse Info: Processes: 277 Uptime: 5m Memory: 31.08 GiB used: 1.5 GiB (4.8%) Init: systemd v: 249 runlevel: 5 Compilers: gcc: 11.3.0 alt: 11 Client: Unknown python3.10 client inxi: 3.3.13 [/code]

Thanks Berny for quick answer I will collect asap , where to send it ?

Your app is a disgrace Kaspersky. It has been quiet for 2 days, I thought that was it, and I was minding my own business watching a movie on amazon prime when what did I get? A big popup on the bottom right covering a quarter of the screen asking me if I wanted to install Kaspersky on my mobile. Sure, there was an option for "don't ask me this again" but I have no idea how many more different messages I am going to get before this stops happening, or if it WILL stop. I am going back to the combo of defender and Malwarebytes and getting a refund on Kaspersky for a second time. There won't be a third. I have compiled a list of grievances I have with the operation of the product, that I wanted to talk to support about, specifically how you can't enable outbound internet connection notifications without enabling the main app interaction notification which notifies you about EVERYTHING an app tries to do (launch, modify registry, access said folder, etc etc). All I want is an "this app is trying to access the internet, deny or allow" but I have to click 9 different allows just to get ONE game to run, it's crazy. So anyone who wants to keep their sanity just disables all outbound notifications. Sure you can trust an app but not even that is foolproof, I have trusted HD Sentinel 100 times and it disappears from trusted on every launch and I get registry access popups, so I just gave up and disabled those notifications. Why you don't have a "depth of notifications" and for example "alert on internet access only attempt" option, in SUCH a deep program, I have no idea. You've made the outbound notifications all but useless as it stands. And who wants to completely trust every app on their system anyway? I had been compiling all the data and how it could be made more user friendly but I don't think there's a point. At this stage the program is as bad as Mcafee and Norton in the spam department and doing the things I specifically want an AV app to NEVER do. I have no idea why someone like Kaspersky who I always trusted and respected would resort to these childish tactics, but, that's it for me. All I want to know is how to remove the program with NO trace in my registry and without messing anything up that would make me think I need to format and re install windows 11. Anyone with knowledge on that? How to truly and completely uninstall this adware? (it's adware by its very definition, as I have unticked all the notification popups and it's still behaving as adware would, as I have explained. Advertising the mobile app while I am on a PC, is adware. I took pics for proof also).