How can I remove this warning saying that a file will damage my MacBook Pro?

Running Sonoma on M1. Trying to help a friend get rid of the following popup that appears on boot up. ..."DeployPlatformfld" will damage your computer.



It's clearly the remnant of malware that has since been removed. Clicking 'show in finder' reveals nothing.

I ran FAF (Find any File) and it couldn't find it, but searching for 'DeployPlatform' found the following:

These two are in private/var/db/// and I don't have permissions for the folder!

Document: deplyplatform.gqa.aot

Document: deplyplatform.gqa.aot

These are zero bytes and are in private/var/db/// I can delete them.

property list: deplyplatform.system.plist

property list: deplyplatform.service.plist

property list: deplyplatform.plist



Any ideas on how to resolve the pesky popup please?


[Re-titled by Moderator]

MacBook Pro 15″, OS X 10.10

Posted on Dec 10, 2023 4:26 AM

31 replies

Dec 10, 2023 6:59 AM in response to CatpainScarlet

That is the first 2, the third one is located at:

~/Library/LaunchAgents


The "/private/var/" folders may contain caches or data, but the files would not run on startup there, so there must be another file in a folder that does run on startup.


You may want to try the Shift-Command-[dot] key sequence to toggle hidden files in those locations.


There is also the location at /Library/StartupItems, but I have not seen any Malware use that location to launch files at startup.

Dec 10, 2023 6:35 AM in response to CatpainScarlet

First they should be deleted in Safe Mode, so the malicious program is not running.


Second, they need to be deleted from the 3 file locations referenced by dialabrain. Searching for the file name will not work to remove all of the files. You get to these locations by going to Finder > Go > Go to Folder, and pasting each location there. We would need to see a screen shot of the files at each of those 3 folders to be able to determine all files have been removed. The 3 file locations are:

/Library/LaunchDaemons

/Library/LaunchAgents

~/Library/LaunchAgents
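
Added example, not part of the original reply: a read-only Python check of the three launchd folders listed above that parses each .plist and flags jobs whose program no longer exists on disk or whose name matches a search term. The function names, the `com.example.*` sample jobs and the default search term are assumptions made for illustration.

```python
import plistlib
import tempfile
from pathlib import Path

# The three launchd folders named in the reply above.
LAUNCHD_DIRS = ["/Library/LaunchDaemons", "/Library/LaunchAgents", "~/Library/LaunchAgents"]

def audit_launchd(dirs, needle=""):
    """Read-only: one record per launchd plist, with reasons it looks suspect."""
    findings = []
    for d in dirs:
        folder = Path(d).expanduser()
        if not folder.is_dir():
            continue
        for plist in sorted(folder.glob("*.plist")):
            label, target, flags = None, None, []
            try:
                with plist.open("rb") as fh:
                    job = plistlib.load(fh)  # handles XML and binary plists
                label = job.get("Label")
                args = job.get("ProgramArguments") or []
                target = job.get("Program") or (args[0] if args else None)
                if target and not Path(target).exists():
                    flags.append("target missing")  # job points at a deleted file
            except Exception as exc:  # unreadable or malformed: report it
                flags.append(f"unreadable: {type(exc).__name__}")
            haystack = f"{plist.name} {label} {target}".lower()
            if needle and needle.lower() in haystack:
                flags.append("name match")
            findings.append({"plist": str(plist), "label": label,
                             "target": target, "flags": flags})
    return findings

def demo():
    """Constructed sample: one leftover job whose binary is gone, one healthy job."""
    tmp = Path(tempfile.mkdtemp())
    good = tmp / "tool"
    good.write_text("#!/bin/sh\n")
    samples = {
        "com.example.leftover.plist": {"Label": "com.example.leftover", "RunAtLoad": True,
                                       "ProgramArguments": [str(tmp / "gone" / "LeftoverAgent")]},
        "com.example.ok.plist": {"Label": "com.example.ok", "Program": str(good)},
    }
    for name, body in samples.items():
        with (tmp / name).open("wb") as fh:
            plistlib.dump(body, fh)
    return audit_launchd([str(tmp)], needle="leftover")

if __name__ == "__main__":
    for f in audit_launchd(LAUNCHD_DIRS, needle="deployplatform"):
        print(f["flags"] or ["ok"], f["plist"], "->", f["target"])
```

A "target missing" flag is a lead to inspect by hand, since a path the current user cannot read also shows up as missing.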


Dec 10, 2023 8:24 AM in response to CatpainScarlet

You should no longer be getting the annoying popup, so I'm guessing you just want to remove all remnants of the files that were installed even though they would have no effect on your system other than storage space. That is not a bad thing and I understand why you would want to do that.


Usually messing with the /private/var/ folder is not recommended and temp/cache files will be removed automatically by the system. I would make sure you have a recent backup before attempting any changes there. Again, you would want to start in Safe Mode and "Get Info" on the files to check the permissions. It most likely has "No Access" for the Admin and can be changed after clicking the lock icon. After changing the permission you should be able to delete them.

Dec 10, 2023 9:33 AM in response to CatpainScarlet

Unfortunately you ventured way off into the weeds attempting to rid your friend's Mac of the problematic "DeployPlatformfld" message.


Please start from the beginning by following these instructions:


About those "<app> will damage your computer" messages - Apple Community


I hope your friend created a Time Machine backup before you did what you did. You are likely to need it.

Dec 10, 2023 9:58 AM in response to Owl-53

The Combo Cleaner.app noted in the EtreCheck report would concern me.


Also, check at Settings > General > Login Items to view what runs at startup and what is running in the background.


Items in the /private/var/db folder should have no effect on the pop up you are seeing.


Continue again as John Galt advised. If all files are not removed, others can be recreated.

Dec 10, 2023 11:45 AM in response to CatpainScarlet

Since you are coming into this mid problem and do not have a backup, the complete re-install would obviously be a last resort. With that, are you able to use Activity Monitor to view a process with a similar name to the problem file? This would be a stretch since most of the processes are not easily identifiable by their name. If you do find a similar name, double click it and choose Sample to reveal the path of the file running the process.

Dec 10, 2023 11:06 AM in response to Mac Jim ID

The Combo Cleaner.app noted in the EtreCheck report would concern me.

Yes, she installed it trying to rid what she thought was malware (she googled 'DeployPlatform' and indeed malware info is returned). So, I can't blame her for trying. I'm thinking Combo Cleaner removed some, but not all the files, leaving something stuck in an endless loop.

Maybe a new system install might resolve it?



Dec 10, 2023 11:29 AM in response to CatpainScarlet

It's clearly the remnant of malware that has since been removed. Clicking 'show in finder' reveals nothing.


Right! We know that. That's the reason for creating the User Tip.


You jumped into the middle of a problem. Who knows what your friend did before you got involved but it obviously didn't help and almost certainly made things worse. Solving someone else's Mac problem by remote control on this site is difficult enough, but attempting to solve it by proxy is an order of magnitude worse.


(she googled 'DeployPlatform'


That's mistake #1. Never use Google to find solutions to problems. All Google will accomplish is to invite more problems. 99% of the results it returns will be for scams. They don't care about your Mac. They only want to harvest its information and sell it back to you in the form of advertising. Mission accomplished.


Don't use Google.


Maybe a new system install might resolve it?


Maybe. You have nothing to lose by trying. The first order of business though is to create a Time Machine backup: Back up your files with Time Machine on Mac - Apple Support. The EtreCheck report does not indicate the presence of one. Do nothing without a backup. Personally I do nothing without at least two backups.

Dec 10, 2023 8:03 AM in response to Mac Jim ID

~/Library/LaunchAgents is empty, I did try Shift-Command-[dot] in all three folders but it revealed nothing. /Library/StartupItems is also empty.

Is it not worth a try to delete these two remaining deplyplatform files in private/var/db///?

deplyplatform.gqa.aot

deplyplatform.gqa.aot


Problem is I don't have permissions despite being an Admin User!


I wonder how I go about it? I can just about use Terminal.



Dec 10, 2023 9:26 AM in response to CatpainScarlet

Correct me if you would


The offending files have been deleted


You have used various methods to find 1 - deplyplatform.gqa.aot and 2 - deplyplatform.gqa.aot


Am I right so far ?


You know their location


You can See them but can not remove them, also by various methods


The Pop Ups continue to present even in Safe Mode


We do not know for certain what Application the two files are associated with


What Happens when using the Get Info and you scroll down to Associate the .aot file to an installed Application


What is listed as an Application that can be used to use this extension


Perhaps this may provide more insights 🤞


