The plugin part for AES encryption in our Util plugin is detected by some virus scanners as having a virus. I think they name it Ursnif.21. Seems like this virus uses similar code for AES encryption than we. But a little change in the plugin makes the plugin dll now pass those virus scanners.
So if you see this, please use 12.1pr3 or newer plugins. We fixed it!
If you wonder how a virus scanner checks a file, well, it's basically a combination of several patterns they look for. So if a file has a certain byte pattern in it's content, the scanner would detect the virus. It doesn't have the whole virus to compare, but only small fragments in the database. this way it could happen that they detect a virus which normally is part of a 1 MB exe file in a 4 KB dll where it may not even fit.