Fairly sure that if anybody using a advanced piece of hacking software, they are also going to delete any messages that are related to detection of such hardware.
PC viruses used to do that stuff going back so many years ago. Suppressing any notification under Windows, by disabling the AV software, its notifications, windows notifications related to it.
So it will amaze me that this is not done by any modern espionage software. Especially as the notification methods are known. Given that his device is hacked, that means a lot of avenues are under control of the espionage software. Even mails etc ... So impersonating the end user, to confirm they read a warning, is extreme easy.
I find it rather odd that people are so fixated on the idea if Kouloglou read it or not.
Maybe the software can only exfiltrate information, rather than change it.