This malware already taken down?

See: http://urlquery.net/report.php?id=1417213585813
IDS alert for “ET POLICY Norton Update User-Agent (Install Stub)”.
IDS alert is user agent context or crapware related.
It is possible that a trojan is masquerading as this agent to escape detection.
IP address badware history: https://www.virustotal.com/en/ip-address/93.115.95.70/information/
Lot of this scam malware is alive and up: http://support.clean-mx.de/clean-mx/viruses.php?as=AS39743&sort=id%20desc&response=alive
Read from GMane on this IDS alert: http://comments.gmane.org/gmane.comp.security.ids.snort.emerging-sigs/13618
Outdated Web Server Nginx Found Vulnerabilities on nginx nginx/1.4.3
Site just created → https://www.virustotal.com/en/domain/royal3000.ru/information/ → Outdated Web Server Nginx Found: nginx/1.4.3
This is the control panel page for ISPmanager to control a virtual server. Hosting company management.

polonus

Anyone looking for hosting directory http://www.whatabouthosting.com/directory/ ???

Historical badness is growing: http://sitevet.com/db/asn/AS39743 with Blacklisted URLs: 2129.
Also malware here: http://urlquery.net/report.php?id=1414647289867
and here: http://urlquery.net/report.php?id=1417001300450 → IDS alert for ET POLICY Unsupported/Fake Windows NT Version 5.0

polonus