So, seeing as she has a music folder on her phones mSD card, who wants to put money on her illegally downloading music via the likes of limewire, picking up a virus and then it dropping itself on the card to go infect elsewhere..
This is probably b*llocks. It's autorun malware - whenever she plugged a removable drive into her PC, which would have already been infected, it will have created the NADFOLDER & copied the Autorun-related files to her PC. File dates and times cannot be used reliably, as malware often changes them to many months or years prior to the infection date.
This is not unusual - I've seen a whole office have the same “NADFOLDER” fake recycle bin and Autorun malware. If the one in this story is from the same family, it also copies itself to the same folders in the root of mapped network shares. It also - by the nature of them being removable - infects any cards on USB digital cameras, camcorders with card slots, USB->CF adapters, the internal memory & SD cards on GPS devices etc. It's all quite reliable and not at all anything unusual nowadays.