Hi malware fighters,

Zeus CC servers are escaping to so-called FastFlux botnet, because bulletproof Zeus botnet providers like recently Trojac are being closed down, criminal ISPs are checked by their upstream providers so the going gets narrow. For Zeus bot activity see: https://zeustracker.abuse.ch/statistic.php
Take one at a once particular Zeus IP: superlayout.org
Summary
•Computer Threats: 1.
General Info
•Identity Threats: 0
•Annoyance factors: 0

Total threats on this site: 1

Web Site Location China

superlayout.org
Threat Report

Total threats found: 1

Small-whitebg-red Virus

Threats found: 1
Here is a complete list:
Threat Name: Packed.Generic.292
Location: Location: hxtp://superlayout.org/125/tyu7.exe (not actual - domain suspended)

Here apparently nothing found: http://scanner.novirusthanks.org/analysis/7c36152228e787558257a7de4394cce6/aW5kZXg=/
because domain was suspended: https://zeustracker.abuse.ch/removals.php?host=superlayout.org

Recent listing( for home users): http://www.malwaredomains.com/wordpress/?cat=63

polonus