VirtualBox 4.3.20 virus alert with Avira

[zecagalo]

Hi, I just updated VirtualBox to version 4.3.20 and Avira blocked it due to virus warning:

Virus or unwanted program 'TR/Crypt.XPACK.Gen2 [trojan]'
detected in file 'C:\Program Files\Oracle\VirtualBox\VirtualBox.exe.
Action performed: Transfer to Scanner

Virus or unwanted program 'TR/Crypt.XPACK.Gen [trojan]'
detected in file 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.dll.
Action performed: Transfer to Scanner

Virus or unwanted program 'TR/Crypt.XPACK.Gen2 [trojan]'
detected in file 'C:\Program Files\Oracle\VirtualBox\VBoxNetDHCP.exe.
Action performed: Transfer to Scanner

Virus or unwanted program 'TR/Crypt.XPACK.Gen2 [trojan]'
detected in file 'C:\Program Files\Oracle\VirtualBox\VBoxNetNAT.exe.
Action performed: Transfer to Scanner

Any hints in this? Will it be soved soon?
Thanks.

[loukingjr]

See Windows 4.3.20 specifically for errors due to security
You could try the 4.3.21 test build.

[mpack]

Personally, I think you should be asking Avira to explain the false positives from their software, not asking us about it. It really doesn't matter whether it produces the same incorrect result with VBox 4.3.12 and 4.3.21.

VirtualBox is open source. You really don't need indirect tests to see what's in the code.

[loukingjr]

mpack is correct and originally I was just going to respond that they were false positives which is common with anti-viral programs. I have to admit I suggested trying the 4.3.21 test build just to see if Avira would flag the same sections of code. But it is always up to any anti-viral program to fix false positives and not the code that triggers them as mpack said.

[zecagalo]

Hi, thanks for the replies. I'll ask Avira on this, but anyway, it's allways a good idea to trust you AV software, specially when you're not sure about a particular software. Anyone and anything is vulnerable to malware so it's never too much to play it safe. I wouldn't think VirtualBox had some malware inside it but, neither the less, we hear reports from great renowned companies around the world being hacked and poisoned from time to time, so it's always good to know the opinion from both sides, which was what I was trying to get here.

[frank]

We have asked Avira in the past. Unfortunately they have only a web interface where one can ask them to test a specific package. Unfortunately there is no feedback.

[c7rolek]

Avira is rather fast in support stuff, but sometimes their responses are unreliable. For example, I have send my password rar protected archive which Avira classified as an Trojan (the file inside archive was clean) and the support has claimed that archive content is clean but rar file is dangerous (what was just ridiculous).
If You installed VBOX from official installer just add exception to Avira and forget about the case. Though, You could check and compare md5 sum of VBOX exe.