i think you know, sexycodec and fake AVs were propagated using e.g.
hacked bbs and blogs
both, sexycodec and fakeAV, are using the same "obfuscating engine".
play with their parameters and you are able to generate your "malware threat of the day"
by using their own cgi script.
will send something like this:
if you'r runnig honeytrap,
you should have a look at the way i try to detect it.
Again it's based on NetCat dump and again it is a module for a simple rbot,
just to demonstrate how easy it is to find the honeys,
even if you are a noob.
using for illegal things is prohibited
awaiting your comments