Probably because some of the drivers are .EXE? And your antivirus setting blocks any website which has .EXE downloadable? Does your antivirus software feature whitelist?

It doesn't seem to be as simple as that; many sites I visit host executable files, and I've never seen that warning before. It's almost like it detected something specific, but didn't provide any information about the nature of the warning. I can bypass the warning, but now I'm wondering if that's not an unnecessary risk.

So what is that antivirus software? If we knew whether it was blacklisting sites, that would help. At least the site isn't on any of the blacklists here (Sucuri, McAfee, Google, Norton, Yandex).

Given the number of files on vogons drivers false postives are always more than likely. Virustotal ftw (assuming the shitty av can tell you what file it doesn't like on the website).

DosFreak wrote:

Given the number of files on vogons drivers false postives are always more than likely.

Couldn't agree more.

(1) Vogons Drivers hosts executables.

(2) Vogons Drivers is not a big name download site. For example, Microsoft dot com also hosts executables, but it is a big name software company, so an antivirus software doesn't take it as malware sites. Vogons Drivers, on the other hand, is relatively unknown, and it hosts executables. So you got the picture.

If the said AV software had whitelist, better put Vogons Drivers on it.

My antivirus software even blocks images on Vogons for some reason.
I think the problem with the EXE files is that they are DOS EXE files?
Windows files have a DOS EXE attached as a 'stub' (so if you run them in DOS, they print "This program cannot be run in DOS mode." or whatever it was). After that, there is the Windows payload. So basically a Windows EXE is constructed as a Portable Executable, where the PE header has an MZ (DOS executable) program embedded at the start.
It seems that a lot of antivirus software assumes that any EXE file must be Windows, so when they see an MZ header, and can't find a PE header, they flag it as a false positive.
Not to mention that they assume 32-bit or 64-bit code, so the 16-bit x86 code in a DOS file looks suspicious as well.

If your AV starts blocking content on an clearly clean website its time to remove it.

Your antivirus has become a virus.

Scali wrote:

My antivirus software even blocks images on Vogons for some reason.

Same here, Nit vogons images but ones people link.
Its no amazed that vogons drivers site could be flagged for malware, it hosted EXE files and is a no name site hardly anyone outside of retro PC folks go there.

OP, by chance are you using BitDefender?

Stojke wrote:

If your AV starts blocking content on an clearly clean website its time to remove it.

No. When it comes to antivirus I would take few false positives for zero false negatives.

Occasionally I scan my computer with the newest Kaspersky rescue disk to see if Defender let anything trough and it never finds anything.
If you have reason when working with files, that includes downloading, plus how modern operating systems are today i am 99% sure that you will never have problems with viruses or malware (Unless its some type of zero day threat, but even that is discussible).

Uploading to VogonsDrivers requires permission from SquallStrife (our Vogons member and host of VogonsDrivers) by requesting him to provide the login details. I suppose those who upload are responsible lot and will make sure the files are clean. And I believe Vogons users are quite aware of the malware and viruses and have proper protection installed in the uploading machines.

Uploading to VogonsDrivers cannot be performed by anyone not registered by contacting SquallStrife.

And yes, what IS that anti-virus software??? And why no specific info about that warning?

Jade Falcon wrote:

OP, by chance are you using BitDefender?

Nice call.
https://virustotal.com/en/url/063e34196b0c441 … sis/1500487100/
I bet it's a false positive in their current definitions. If somehow they are picking up something legit (which I highly doubt), it would be nice to have someone pinpoint the exact file so it can be cleaned up.

It would be nice to know why and what av the ip is useing.

Malik wrote:

And yes, what IS that anti-virus software??? And why no specific info about that warning?

As others have suggested, it is BitDefender. I didn't provide any additional details because I don't have any; it summarily blocked access to the site without further information. I can't find any details in the logs, either. The only option it gave me was an "I understand the risks, take me there anyway" link. The lack of information is frustrating for me, as well, and I would gladly share the details if I had any.

This message first appeared last night, immediately when I tried to visit the home page. To me, that would imply that it was either already black-listed, or it detected something in those few kilobytes that it didn't like. One interesting occurrence is that I tried again a few minutes ago, and the page loaded, but without the Categories tree that is usually on the left. When I refreshed a few seconds later, it was blocked again.

Scali wrote:

My antivirus software even blocks images on Vogons for some reason.

I suspect that's related to images that are linked as HTTPS, without a perfect certificate in place.

Scali wrote:

I think the problem with the EXE files is that they are DOS EXE files?

It hasn't complained about my own local file server, and many of the files on it are old, pre-Win32 executables and old, "dead" archive formats. There seems to be more to this story than just a few old EXE files.

Could be due to wrappers.vogonsdrivers.com? Don't know exactly what's public yet, but there's a ton of wrappers there, and wrappers generate a ton of false positives in general.

I don't know if anything else has been done, but I reported the site as a false positive via their Web site a few days after mentioning the problem here. Within a few days, when the updated definitions were installed, the warning was gone.