Malicious defacement missed?

Viruses and worms
1

See: https://www.virustotal.com/nl/url/26bc0125354f3291afce04f8e45f5ab9a6b383712152dbb458383243bda71b4a/analysis/
See: http://quttera.com/detailed_report/crosswiresolutions.com
Detected here: https://sitecheck.sucuri.net/results/crosswiresolutions.com
Web site defaced. Details: http://sucuri.net/malware/entry/MW:DEFACED:01

Hacked By Darkshadow <script type="text/javascript"

http://killmalware.com/crosswiresolutions.com/ detected suspicious code as
Antivirus reports:

TrendMicro-HouseCallTROJ_GEN.F47V0724
KasperskyUDS:DangerousObject.Multi.Generic

polonus

2

This posting is an update from this earlier my posting: https://forum.avast.com/index.php?topic=171241.0
3 months means the issue is long OVERDUE!

polonus

3

html scan
https://www.virustotal.com/en/file/73c7ab93fded9e42b54ddf8a7983ea9e55b316779c5a7eb002cbf7b98c4f989d/analysis/1438289485/

code sample scanned 2013-11-06 14:14:28 UTC ( 1 year, 8 months ago )
https://www.virustotal.com/en/file/2cce81b5d7a41ab55f4d62d56dca72e6880b58b484531113e3fa671fb18b4c19/analysis/

seem this link will not show the old result after a new fresh scan, but this was the result
TrendMicro-HouseCallTROJ_GEN.F47V0724
KasperskyUDS:DangerousObject.Multi.Generic

code sample fresh scan
https://www.virustotal.com/en/file/2cce81b5d7a41ab55f4d62d56dca72e6880b58b484531113e3fa671fb18b4c19/analysis/1438289630/

4

Update site still hacked and defaced: http://killmalware.com/crosswiresolutions.com/#
& confirmed here: http://toolbar.netcraft.com/site_report?url=http://crosswiresolutions.com
Sucuri has it: ISSUE DETECTED DEFINITION INFECTED URL
Defacement MW:DEFACED:01 -http://crosswiresolutions.com
Defacement MW:DEFACED:01 -http://crosswiresolutions.com/404javascript.js
Web site defaced. Details: http://sucuri.net/malware/entry/MW:DEFACED:01

Hacked By Darkshadow

Various insecure or bad web rep uri’s: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fajax.cloudflare.com%2Fcdn-cgi%2Fnexp%2Fdok2v%3D919620257c%2Fcloudflare.min.js and see my posting: https://forum.avast.com/index.php?topic=175440.0
Low Level Site Exploration: http://1col.ru/www.crosswiresolutions.com
Conversant “abuse”- via here

polonus