We are going to create a new wallet on hardware device, to create an address, then we will import his current wallet to the hardware device, and send those coins to the newly created wallet...... So we are taking precautions. I told him he needs to secure his mnemonic phrase immediately, then after the coins have been secured, wipe and re-install his operating system.
Don't forget to tell him to use another device that he knows is clean from malware and viruses, or if he doesn't have an extra device but has an extra SSD/HDD, then he can install a fresh OS and disconnect the current drive because even if he is going to use a hardware wallet during importing his current wallet to the newly created wallet, he might experience the same thing because that device is infected and his clipboard is already hijacked.
I think blockchain seed is compatible with Electrum BIP39 enabled try to suggest it to him.
Yo
As far as the computer that had the clipboard malware installed, it will not be involved in the process of moving to a new wallet as a precautionary measure.
He apparently has a ledger wallet that we are going to move the funds, and I will be showing and explaining how to set up a bip39 passphrase as an option.
I will also make him aware of the need to verify address
ALL OF THE TIME regardless of whether you are using a cold wallet or not.
As far as the old computer is concerned, he is going to wipe the drive, and re-install Windows.