
Ran into a serious malware issue



I looked at my computer this morning and saw the green camera light on. I almost never use it. It turns out that on my administrator account, a FaceTime was running. I don't remember starting it. I checked my ESET logs, and yesterday it showed a JS/ExoClick.A was run as root, with red text and a red background. The Action/Information columns are blank. Caught by HTTP filter. I can visit the site in question in my browser, but it immediately does get quarantined as user = my user (not root), action = "connection terminated"; information is still blank. It looks to me like it did not run in this case.

Need advice. Did some arbitrary code get run as root? Should I reinstall my OS from scratch? Right now the machine is completely off the internet but does otherwise appear to be functioning correctly.

 

HASH = 2C2A997217F780F9866B8D21E1D9F5F1CEA25114

Edited by cornyfred

  • Administrators

JS/ExoClick.A is not malware but a PUA detection (potentially unwanted application). It detects a specific ad provider which has been seen to deliver malware, PUAs, etc. through ads. It was detected and blocked by ESET, i.e. the script wasn't executed at all.


Hi Marcos, thanks for the very quick reply! Is Exoclick.a a binary executable or a JavaScript program? Just to be clear, what does the log line with user root in red mean? Is it safe for me to put my machine back on the net?

 

 


2 hours ago, cornyfred said:

Is Exoclick.a a binary executable or a javascript program?

The "JS/" prefix for the signature indicates it is JavaScript based.
