A user has brought his home PC into the office for us to look at. It has a malware problem unlike anything I have seen before.
The user starts up the Chrome browser and is taken to his normal homepage of https://google.co.uk
- but the "https" is crossed out in red, like it was an unknown SSL certificate. When I click on the SSL cert and drill down to the details, I see it was issued to *.188.8.131.52. The same thing happens in IE as well. The user is running Vista Home Premium.
I've run Malwarebytes which cleaned a number of items (including some trojans) but the problem persists. I have run Kasepersky TDS KIller but that didn't find anything.
I would be grateful for some help.