I looked at my computer this morning and saw the green light camera on. I almost never use it. It turns out on my administer account, a facetime was running. I don't remember starting it. I check my eset logs, and yesterday it showed
a JS/ExoClick.A was run as root with a red text and red background. the Action/Information columns are blank. caught by http filter. I can visit the sight in question in my browser, but it immediately does get quarantined as user = my user (not root) action = "connection terminated", information is still blank. It looks to me like it did not run in this case.
Need advice. Did some arbitrary code get run as root? Should i reinstall my OS from scratch? Right now the machine is completely off the internet but does otherwise appear to be functioning correctly.
HASH = 2C2A997217F780F9866B8D21E1D9F5F1CEA25114