Jump to content
cornyfred

Ran into a serious malware issue

Recommended Posts

I looked at my computer this morning and saw the green light camera on.  I almost never use it.  It turns out on my administer account, a facetime was running.  I don't remember starting it.  I check my eset logs, and yesterday it showed 

a JS/ExoClick.A was run as root with a red text and red background.  the Action/Information columns are blank.  caught by http filter.  I can visit the sight in question in my browser, but it immediately does get quarantined as user = my user (not root) action = "connection terminated", information is still blank.  It looks to me like it did not run in this case.  

Need advice.  Did some arbitrary code get run as root?  Should i reinstall my OS from scratch?  Right now the machine is completely off the internet but does otherwise appear to be functioning correctly.

 

HASH = 2C2A997217F780F9866B8D21E1D9F5F1CEA25114

Edited by cornyfred

Share this post


Link to post
Share on other sites

JS/ExoClick.A is not malware but a PUA detection (potentially unwanted application). It detects a specific ad provider which has been seen to deliver malware, PUAs, etc. through ads. It was detected and blocked by ESET, ie. the script wasn't executed at all.

Share this post


Link to post
Share on other sites

Hi Marcos, thanks for the very quick reply!  Is Exoclick.a a binary executable or a javascript program?   Just to be clear, what does the log line with user root in red mean?  Is it safe for me to put my machine back on the net?

 

 

Share this post


Link to post
Share on other sites
2 hours ago, cornyfred said:

Is Exoclick.a a binary executable or a javascript program?

The "JS/"" prefix for the signature indicates it is JavaScript based. 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×