I started getting this alert today. I’ve updated the VPS but it still occurs

See attached

Here is one site http://forums.steves-digicams.com/close-ups-14/

Well it isn’t the site that you are visiting but its association with hXXp://simbeppc.com and that is what avast is blocking, image1. I use firefox and the NoScript add-on and I don’t get an alert on that site as NoScript blocks all scripts including the simbeppc.com script, image2.

I have another question why is the process connecting to the site go36f4~1.dll and not your browser ?

Whilst avast doesn’t like simbeppc.com ther are some AVs that don’t like the pixel.js (javascript file), VirusTotal results on pixel.js file

Edit: Another analysis also considers this file and some others on that site suspicious, image3