Asprox: beyry.ru, iopoe.ru, jetp6.ru, nucop.ru, port04.ru and vj64.ru
Active domains in this new attack seem to be as follows, new ones are in bold.
Check your logs or block these domains. Most business outside of Russia and neighbouring countries could probably block the entire .ru TLD with minimal impact. Look also for the CGI sript (/cgi-bin/index.cgi?lle) to find potentially infected client PCs.