NickH

First of all thank you very much secondly, the only thing it found malicious was this domain / url ?

Hi I went to some article in pcmag and when I scanned it, hybrid analysis sandbox analysis claimed it to be malware, but ESET didn’t found anything on my pc, still I decided to do reset, for peace of mind, after the reset I thought maybe it could infect the UEFI , did scan and still ESET didn’t found anything, but still it gives me the creeps that maybe something it’s still there I don’t know how to fully read hybrid analysis report, can someone help me and tell me from the report if I have to be worried? (look into the sandbox analysis but I guess you already knew that) (also the same result for every article in pcmag, tried number if times so this link it’s just one out of many that I tried) hybrid analysis link: hxxp://www.hybrid-analysis.com/sample/1766227c6cf7b11d17053f538d60e8986854a983b4de66205c360fc13a674101

Actually a friend made the project, and his pc maybe (don’t know for sure) infected thats why I scanned, can you help me and analyze that ? if you can, thank for very very much for the help

it’s.net 8 console application project, scanned the whole project and the answer is worrying me before putting the files in virustotal i scanned them using my eset on my pc , didn’t detect anything and livegrid didn’t detect anything Any one who understands, can you help me ? Can you analyze and tell me if they are really malware or false positive? Here are the urls: 1. https://www.virustotal.com/gui/file/0a5682c0b12af7a2f8318c571251a55f486f2bf62eb3fafe65d855a826236e3b (.rar file , the whole project) 2. https://www.virustotal.com/gui/file/ed79befa9d697ba631c65771ed1df7b936b5653b1322a76ffef8fab5837cdb7a (it‘s a dll file from the project) Also here from hybrid analysis https://www.hybrid-analysis.com/sample/ed79befa9d697ba631c65771ed1df7b936b5653b1322a76ffef8fab5837cdb7a Help me please, anyone who knows how to read the analysis of virustotal or hybrid analysis

Sorry , copied that from another place I have asked for opinion

I have the urls now, will it help you ? 1. https://www.virustotal.com/gui/file/80424bac86dd8a0246c2af2fddefea137f8ab8845ae832be1fdef73ef48ac53(I don’t think if finds it now but try) 2. https://www.virustotal.com/gui/file/53ec323a632a5280909faa86bb24fd543706fed60b96e73e3c830de127b913ff (same like the first) 3.https://www.virustotal.com/gui/file/0a5682c0b12af7a2f8318c571251a55f486f2bf62eb3fafe65d855a826236e3b 4. https://www.virustotal.com/gui/file/ed79befa9d697ba631c65771ed1df7b936b5653b1322a76ffef8fab5837cdb7aI see that the first ones might not load to you I uploaded the files again (from the pc they were on, not the one who got reset) they set there for a while but the pc not were connected to electricity, so when got reuploaded and rescanned, some of them may say not a virus (now). Also can the reupload and rescanning mess up the result ?

And I wanted to scan the files because my friend that sent me the project, went to +18 sites (and you know what I'm talking about)

You're right, I forgot to write about this part, I scanned each file (seperatly) using virustotal (don't have the url but remember the details), some files were found only by maxsecure as trojan.malware.300983.susgen and somefiles were only found by bkavpro as w64.aidetectmalware. But antiviruses like ESET(which is what i have on my pc) bitdefender , norton and more reputable ones didn't find anything and the files that was found as malware was found only by one antivirus (maxsecure or bkav pro).

Hello almost a month ago my friend sent me a .net 8.0 C# Project (console application) and I helped him (I don't remember if i did ran it or not because if i remember right i didn't have .net 8.0 but maybe i downloaded it and ran it); Later I discovered that my firend if go to +18 sites (you understand what im talking about), and when I discovered that I was afraid that the project he sent me maybe was infected and got my pc infected (because maybe from the sites he goes to, the pc might be infected) so I uploaded all my progress game files to my Google drive and did a reset to my pc; The problem is that I played a game (One piece pirate warrior 4) after I helped him but before I discoved to which sites he goes, and after the reset I downloaded the game files and used them to play. Before the reset, ESET HOME Premium Security didn't find the project as malware or some malware on the pc, also after the reset and ESET (same edition) didn't find anything using of those game progress files. So I wanted to hear (just to feel safe) what do you think about my situation and if .dat and .sav can deliver or be a malware in situation like mine. Thank from advence for the time and the answers.

I went to the Quarantine folder on my pc (C:\Users\<myuser>\AppData\Local\ESET\ESET Security\Quarantine), And it just came to my mind that maybe going into the folder might cause the viruses get spread (if there are). I didn't open any of the files but I did a scan to those files on my eset (home security premium version). so it could got spread or not ?