My daughter clicked on a post and should not have.
OTL log attached
MBAM log
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.orgDatabase version: v2012.08.05.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
8/5/2012 1:18:03 PM
mbam-log-2012-08-05 (13-18-03).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 196807
Time elapsed: 3 minute(s), 25 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\Windows\Installer\{9dabbef6-4905-955b-f467-a3da8cbbe60e}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\Windows\Installer\{9dabbef6-4905-955b-f467-a3da8cbbe60e}\U\trzA602.tmp (Rootkit.Zaccess) -> Quarantined and deleted successfully.
C:\Windows\Installer\{9dabbef6-4905-955b-f467-a3da8cbbe60e}\U\trzA71D.tmp (Rootkit.0Access) -> Quarantined and deleted successfully.
(end)