Ecard attack on 2/26 has a number of my users seeing qlff.exe in the root of c:. Keep getting "qlff.exe has performed an illegal operation and must shut down", then the send to MS box. Task Manager is no longer available, unless in safe mode. Anyone else get hit with ecards?, seeing anything similar?
Doesn't look like virus sig files are up to date with this one?