FALSE POSITIVE False detection/OpenGL 32 cheat?



maitreya
06-10-2023, 04:56 AM
[link hidden]

This is the first time I have received this. I am not sure what it is so I did some digging.

And I found this -> [link hidden] (Forensics)?p=262758

Apparently it might be some kind of virus/malware? If so, how do I get rid of that?

When you further go into 'processes' it says the 'cheat' is this -> PENotify.exe

I looked for this in Google and apparently it's some kind of Windows start up or whatever? Is this a virus or is this some kind of a Windows 11 update and wargods now is detecting it as a cheat/virus?

EDIT: Memory dump thing or whatever: [link hidden]

I would appreciate the help. Btw I'm not banned anywhere, but this is worrying me it's gonna happen again in the future and moreover, that it might be some kind of a virus that bypassed my antivirus.


EDIT2: I did 2 more wargods, same weird detection. I closed CS and opened it again for them, closed some programs like Discord and uTorrent. Still the same detection.

EDIT3: Based on some further digging in the forums here, I've found out that opengl32.dll could potentially somehow trigger this? However, I couldn't find this in my cstrike. Potentially, though, it could be from this LAN recording KZ pack -> [link hidden]

I have found that they have several .dll files and one of them even has the '32' number in it (amxpc32.dll). Is it possible this is the reason why? FYI this pack is used for kreedz/jump recording convenience, you have plugins such as lj stats, teleports, top15 plugins, etc. whenever you want to play a KZ/bhop map alone.

Tiger
12-10-2023, 08:53 PM
Please search for file called "PENotify.exe" and upload it for analysis.

maitreya
13-10-2023, 07:51 PM
Can you help me with that? Not sure where to find it, but it still detects it.

EDIT: Is this what you need? [link hidden]

I uploaded the file according to what it said from the aforementioned link, but I'm still not 100% sure if this is penotify.exe because whenever I try to check it from my task manager, I cannot locate it. [link hidden]

Tiger
14-10-2023, 09:28 PM
We don't save file paths. What you uploaded is not penotify.exe, but a shortcut. I need the executable.

maitreya
14-10-2023, 11:14 PM
Yeah I see, when I right clicked before it redirected me to a page of shortcuts, now I think I have found the real one -> [link hidden]

Also I made an additional photo of all the other files that were in the same directory as this one. Tell me if you need any of them -> [link hidden]

maitreya
14-10-2023, 11:15 PM
I think it is this one -> [link hidden]

Also other files in the same location -> [link hidden]

maitreya
14-10-2023, 11:25 PM
Sorry for the double post, but I learned how to use the task manager search bar properly. Yeah, I'm confident now that the file I uploaded is in fact penotify.exe as per this photo -> [link hidden]

So yeah, this is the reason for the detection. Seems to be running in my background non-stop. I won't disable it in case you need further testing.

EDIT: Also my other post contains the link to it, but it's apparently pending response because a moderator needs to accept it, hence why I had to do a double post.

EDIT2: Holy moly I think I'm making all the discoveries here. After looking around in the same folder as the previously attached file, I noticed a thing literally called PENotify. Here it is -> [link hidden]

It's very suspicious as to why it is disguised as PDFelementTray in my task manager when in reality it is called penotify.exe. Is this an actual trojan/potential malware that comes with the PDF editor?

Tiger
15-10-2023, 08:12 AM
Stop spamming dude.

False-positive, detections removed.