suspicious dashost.exe rootkit? no av detection

[el el amiril 0]

hello eset community and respective administrator i am having trouble analyzing my dashost.exe file it was not tag by any antivirus as malware but when i run it on hybrid analysis.com it was tagged as rootkit and suspicious also it does not have any digital signature in it is this fine or is my pc got infiltrated i am sending a sample to eset of the file hoping i will get a response.

 

here is the file @ https://file.io/9aS5vWwaQwPo

[el el amiril 0]

here is the report

[Marcos 4,935]

The file is no longer available. Please do not post link to potentially malicious files which could harm users if downloaded and run. Instead submit suspicious files to samples[at]eset.com in an archive protected with the password "infected".

[el el amiril 0]

im sorry i will abide rules next time can you please check my dashost.exe file as seen in the screenshot?

[Marcos 4,935]

If you submit  the sample to ESET, we can check it out. A screenshot is not enough and manually transcribing the SHA256 would be tedious.

[el el amiril 0]

9 minutes ago, Marcos said:

If you submit  the sample to ESET, we can check it out. A screenshot is not enough and manually transcribing the SHA256 would be tedious.

i wonder why my pc dashost is not digitaly signed?

[el el amiril 0]

is it ok?😔

[Marcos 4,935]

Microsoft's file C:\Windows\System32\dasHost.exe  is not digitally signed. Did you check its reputation?

[el el amiril 0]

yes sir

[el el amiril 0]

now my regidit is detected as malware by filescan.io

 

[el el amiril 0]

[Marcos 4,935]

Please either submit those files to samples[at]eset.com or provide hashes of the files or links to the above pages.

[el el amiril 0]

can filescan.io be trusted?

[el el amiril 0]

its very wierd i think my pc got infected with malware that is not seen by all anti virus i am sending samples

 

[el el amiril 0]

running sfc in normal boot did not find any integrity violation but when on startup repair it found violation that it cant fix ?

[el el amiril 0]

i think it has  software virtual machine packing to protect its code can eset even managed to scan this type of concealment?

[itman 1,630]

To get to the bottom of this, I submitted dashost.exe from my Win 10 x(64) build to Hybrid-Analysis. I received the same suspicious detection as shown in the previous posted screen shot. In other words, it is a false positive detection.

As far as the regedit.exe detection by filescan.io, I have no idea what file you actually submitted, or if the file was actually submitted to the legit filescan.io web site.

Unwarranted software paranoia I believe is being manifested here.

[peteyt 387]

I'm curious why you are scanning these on multiple sites in the first place. The problem is anything has the potential to flag as suspicious, but the fact no AVs are detecting them looks like these suspicious flags are false positives 

[el el amiril 0]

@itman i run and want to test my windows files after a html trojan is detected by my eset and after checking that my pc windows files has no digital signature by the way i am running a crack game/program that i set my eset hips to block modification.

[el el amiril 0]

i think its false positive