Hi guys
Got a laptop which I think has been hijacked - when the user enters their Windows password, the system says it is incorrect and shows a link to reset the password. If you click the link it asks you to insert a USB flash disk, so looks very suspicious.
The FRST log is attached.
Cheers.