That is the cache so those are files you downloaded using firefox.
From the above, it isn’t even clear if it is a real issue or a false positive. False positives are pretty common with trojans. That being said, it could very well be real.
If it is real, that particular vulnerability only impacts:
The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka “VML Memory Corruption Vulnerability.”
So unless you are using an old version of Internet Explorer you should be fine.
This has nothing to do with the root password.
No
Keep in mind that most of what clamav reports on are Windows signatures. Before panicking, investigate the specific thing that was found and see if it even impacts you.
Be more careful about the links you click on.