Hi,
I've just received a notification that Bitdefender disinfected a file called 'mseivupr.scr' from another user's temp folder due to it containing Trojan.KDV.753880. After doing a full scan, it looks like it's related to the "Your friend added a new photo of you" Facebook email virus which they had received. They aren't sure whether they clicked on the link in the email as it was from around two weeks ago.
Can you tell me whether the file could have appeared due to Bitdefender scanning the email for viruses, or would it only have been produced by the user clicking on the attachment and/or link in the email (they use Thunderbird if that makes a difference).
The Bitdefender alert appeared when they logged on. Was that an indication that the Trojan was trying to be run by something, or does Bitdefender scan the temp folder when you log in?
A System Scan showed no other problems after the removal of the trojan in the email (see below).
Do you have any more detail on the Trojan? What damage does it do? The scan log showed:
<Item type="0" objectType="0" path="D:\Users\Jill\AppData\Roaming\Thunderbird\Profiles\k6tmc2fl.default\Mail\Local Folders\Inbox=>(message 55)=>[subject: Your friend added a new photo with you][Date: Tue, 9 Oct 2012 11:07:22 +0100]=>(MIME part)=>FacebookPhoto_album_IDRU6J-2079.zip=>FacebookPhoto_album.jpeg.exe" threatType="0" threatName="Trojan.Generic.KDV.753880" action="3" initialStatus="3" finalStatus="5" quarId="" failReason="0" />
Ta.
