Hello friends,
we are using Eset Endpoint Antivirus in our company and I am facing one weird issue.
I just updated AV to latest version and since today I am facing issue with HTTPS websites. Bank account provided blocked access from one laptop to their server because of Gozi malware infection. I just scanned laptop with ESET, Norton, MalwareBytes but nothing was found so far. There is Kaspersky scan from USB running now.
I found that there is weird certificate installed in trusted root certification authorities called computername security cert 2. When I tried to access any website with HTTPS certificates it showed that for example https://google.com is secure, certificate is trusted, but google certificate had been issued by this weird trusted CA which is installed on PC.
User told me that he did not install anything and did not open any spam or so. There was installed big Windows 10 update 2 day ago.
Does anybody have any advice how to clean the PC.