JS:Includer-ANT[Trj)

I am attempting to view a site that I normally had access to until 3-4 days ago www.benzworld.org and AZ now blocks me stating it is an unsafe web site.

The virus warning pop up says it is JS:Includer-ANT[Trj)

Is there any way to determine if this site is really an issue to view or if AVZ is just issuing a false positive?

I did a google search on the virus name adding the website name to the search and nothing comes up.

Suspicious >> http://www.UnmaskParasites.com/security-report/?page=www.benzworld.org
3 hidden external links found.

Malicious URLs found >> http://killmalware.com/www.benzworld.org/

Suspicious >> http://zulu.zscaler.com/submission/show/608eb790c5618ac7ff608e56d4638724-1462633986

HTML scan
https://virustotal.com/en/file/137c923e55a0516e71cc642b9c7e759553e208ba3731979e3a34d89ab25d5fe1/analysis/1462637368/

IP is blacklisted.

A huge indication on why not to trust the site…
Why hiding a link to a adsite?
There is only one reason.
They want to earn money from the adds without you knowing that you visit the site of the advertiser!

Problem is I need to view content on this site for reference purpose. Is there a way to browse to this site and block what they are trying to deposit?

Can you post the screenshot of the avast alert popup (Attachments and other options option below the reply text window).

The reason why, I have just visited the link given and no avast alert. Using Firefox 46.0.1

There are a very large number of 3rd party site accesses, I use NoScript and also RequestPolicy add-ons these prevent 3rd party sites (the JS stuff could be coming from there).

Thanks for the help and advise everyone. Attached is the screen shot requested.

as the big part of your picture say…

=============================================
Avast antivirus blocked content on this website
cdn.w55c.net Hosted by: benzworld.org

and on w55c.net you find this info

[b]What is w55c.net?[/b]

w55c.net is a domain used by DataXu when directed by a customer, to place cookies on the computers of visitors to our customer’s websites and those who view advertisements. The domain w55c.net will NOT install any software on your computer or mobile device.

If at any time the visitor does not wish to allow his/her session visitation information to be aggregated and analyzed by DataXu, he/she may utilize our out-out mechanism, which can be accessed from these locations:

Opting out of w55c.net cookies requires the placement of an out-out cookie in your browser. w55c.net cookies can also be cleared using through your web browser’s cookie clearing function, however you may need to reapply the opt-out if you want DataXu to continue to honor your opt-out preference. The privacy policies of the websites you visit describe the collection and use of information on those websites. All mentions of w55c.net also applies to the following domains of w55c.net, which may include: cdn.w55c.net, tags.w55c.net, cti.w55c.net, cts.w55c.net, ads.w55c.net, and i.w55c.net.

so I went into the opt out for cdn.w55c.net and did the opt our at ghostery enterprises and the digital advertising alliance.

I will post my results.

@DavidR, are there similar settings available for IE11?

If you mean:

There are a very large number of 3rd party site accesses, [b]I use NoScript and also RequestPolicy add-ons[/b] these prevent 3rd party sites (the JS stuff could be coming from there).

Then IE11 is pretty sparse on add-ons, I don’t believe these are available. I don’t have IE11 as neither of my OSes support it, so I can’t confirm one way or the other. I just know that the Avast Online Security (AOS) add-on can’t be installed on IE11.

Opting out did nothing.

DavidR, It looks like one of the things requestpolicy does is prevent cross scripting. I’m wondering if cross scripting is causing the fail? I have the XSS filter in IE11 enabled.

Or maybe I should just try to mirror your firefox browser setup since you can get on the site.

Well NoScript would stop all scripts, with the exception of sites that you have explicitly allowed in NoScript. That however, stops the script running, but if the script is embedded in the page code avast would still scan it as it is scanning the whole page content.

RequestPolicy is very handy as it blocks access to 3rd party sites, if it can’t go there, if the JS:Includer-ANT[Trj] code is off-site then avast wouldn’t be going there either.

That Said I don’t know if that is the issue as I have just gone back and in NoScript I selectively allowed a shed load of 3rd party sites (one at a time) and didn’t get an alert. I then allowed the sites one at a time in RequestPolicy and still didn’t get an alert.

The only other thing that I came across was a popup about Cookie and Data use Consent. I use Cookie Monster and Firefox to block 3rd party cookies, but I’m uncertain if this is responsible for the alert.

that is pretty weird. I suppose I could start with a clean install of firefox, try to open the site, and then add the add ons one at a time if needed

Opting out of w55c.net cookies requires the placement of an out-out cookie in your browser.
So they use a cookie if you tell them you don't want one. >:(

Ok, so you don’t want spinach ?
No problem, I’ll get you something else.
Here is spinach for you.

The hidden links to ad-sites are malicious behavior and need to be removed.

Next to that, the use of IFrame is deprecated since HTML version 4.01 (7 years ago) and obsolete since version 5 (2 years ago).
The owner of benzworld should clean things up and update things.