Probably a false positive

Hi,
Avast block this website that is widely used in the area.I do not find it doing harm to the device.
http://r6.loli.io/ne6FBj.png

Thanks.

https://sitecheck.sucuri.net/results/hao123.com

There is a lot more that need to be taken care of there :
http://www.threatlog.com/domain/hao123.com/
http://www.ipvoid.com/scan/123.125.115.150/
http://www.web-malware-removal.com/website-malware-virus-scanner/?url=www.hao123.com
https://securityheaders.io/?q=www.hao123.com
http://retire.insecurity.today/#!/scan/d7b84dcd6a80aaf68074a70227bd4b9f87e30880c3e4ac8e049cc8e0d139df9e
https://www.ssllabs.com/ssltest/analyze.html?d=www.hao123.com
http://zulu.zscaler.com/submission/show/606bf3d3ea119ad7cd09de78a2e2020c-1463894859

html scan
https://virustotal.com/nb/file/3c75df9c0937361a1a1b66bbed666cd7bdfe572e08bd93ac6d898adc3d05213e/analysis/1463907583/

The malware name in your second image indicates a compressed javascript file being loaded along with the home page. That is what the /|{gzip} bit at the end of the URL indicates.

There doesn’t appear to be any date of scan from that Norton image you posted.

Well errors against the so-called same-origin security policy detected:
3 issues: https://sritest.io/#report/b17b6318-d984-4054-9bf7-9bed989dff9d
jQuery issues: -https://www.hao123.com/
Detected libraries:
jquery - 1.7.2 : (active1) -https://gss1.bdstatic.com/5eN1dDebRNRTm2_p8IuM_a/v5/Me/ZB/ZX/zO/uz/MeZBZXzOuz.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
(active) - the library was also found to be active by running code
1 vulnerable library detected

See: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fgss1.bdstatic.com%2F5eN1dDebRNRTm2_p8IuM_a%2Fv5%2FMe%2FZB%2FZX%2FzO%2Fuz%2FMeZBZXzOuz.js

Sucuri flags:

pol

The culprit was “c8ft.com”.
If only the chinese would use sane domain names instead of “jd37.net, tb1u.com, 4h6s.com, 4y4c.com, 5s4f.com, 6d4g.com, 6gh4.com, bj73.com, ds5f.com, f41g.com, f5gh.com, fd4f.com, gh6j.com, gh8s.com, kl1l5.com”, they would be blocked farr less often :slight_smile:
I unblocked all those similar now.