Hot and fresh, serving Zlob trojans:
ebwmanufacture(dot)com
dmqfirm(dot)com
ictprivate(dot)com
Even though these sites usually show a 403 error, they are serving Zlobs (this is now fairly standard practice for Zlob sites now — show a 403 on the main page, but serve malware off of a subdirectory). For example, one link that actually downloads malware would be something like ebwmanufacture(dot)com/download(dot)php?id=4082.
Obviously, don’t go to these sites unless you want to infect yourself with malware.
Alex Eckelberry
(Thanks to Sunbelt researcher Patrick Jordan)