More great research from this team.
Apparently Harnig is responsible for *some* of the infections of Rustock.
...Harnig is considered to be a very wide spread pay per install malware whose sole purpose is to infect PCs and then download and install a variety of other malware on the system. In return for this favor, the owners of other malware families pay the bot herders a little sum, normally a few cents per machine.
Harnig --> Downloader.DigiPog (Rustock Installer in plain text)---> Rustock Spam Engine (semi-fake Password protected 'rar' file containing Rustock Driver file).
At FireEye labs, we monitor the activities of different botnets on a 24/7 basis. Around March 17th, I found that all of the Harnig's C&Cs suddenly stopped responding, returning '404 Not Found', to their zombies. The last time I saw Harnig successfully talking to its C&Cs was Mar 17th 12:45 PM PST. At that time, I saw it downloading different malware onto the infected machine including SpyEye, Zbot, Ertfor etc. but there is no movement after that at all.
The whole thing is worth a read, even for non-technical people.