cornyfred

Hi Marcos, thanks for the very quick reply! Is Exoclick.a a binary executable or a javascript program? Just to be clear, what does the log line with user root in red mean? Is it safe for me to put my machine back on the net?

I looked at my computer this morning and saw the green light camera on. I almost never use it. It turns out on my administer account, a facetime was running. I don't remember starting it. I check my eset logs, and yesterday it showed a JS/ExoClick.A was run as root with a red text and red background. the Action/Information columns are blank. caught by http filter. I can visit the sight in question in my browser, but it immediately does get quarantined as user = my user (not root) action = "connection terminated", information is still blank. It looks to me like it did not run in this case. Need advice. Did some arbitrary code get run as root? Should i reinstall my OS from scratch? Right now the machine is completely off the internet but does otherwise appear to be functioning correctly. HASH = 2C2A997217F780F9866B8D21E1D9F5F1CEA25114