When i power on Kali machine on virtual host (NAT), kaspersky antivirus on host machine block opening pages:

http[:]//ct.mirror.garr.it/mirrors/kali/pool/main/r/responder/responder_2.3.3.8-0kali1_all.deb//data.tar.xz//data.tar//./usr/share/responder/tools/MultiRelay/bin/mimikatz.exe --> Object name: HEUR:Trojan.Win32.Generic

http[:]//ct.mirror.garr.it/mirrors/kali/pool/main/m/mimikatz/mimikatz_2.1.1-20170801-0kali1_all.deb//data.tar.xz//data.tar//./usr/share/mimikatz/Win32/mimidrv.sys --> Object name: Trojan-PSW.Win32.Mimikatz.gen

http[:]//ct.mirror.garr.it/mirrors/kali/pool/main/e/ettercap/ettercap-common_0.8.2-6_amd64.deb//data.tar.xz//data.tar --> Object name: HEUR:\DoS.Linux.Agent.c

Is this normal behavior or what might be the problem.

Not surprising at all that antivirus is warning about Kali; you'll likely have to turn off AV for Kali to run.

That's pretty obvious. Turn it off. :)

Thanks for the answers, but i don't have any problems running kali as virtual machine, just wondering if kali is trying to download some nasty viruses while running.

Thanks for the answers, but i don't have any problems running kali as virtual machine, just wondering if kali is trying to download some nasty viruses while running.

My AV blocked Kali mirror too
24.09.2017 16.30.48;Download blocked;http://ct.mirror.garr.it/mirrors/kali/pool/main/e/ettercap/ettercap-common_0.8.2-6_amd64.deb//data.tar.xz//data.tar;HEUR:DoS.Linux.Agent.c;http://ct.mirror.garr.it/mirrors/kali/pool/main/e/ettercap/ettercap-common_0.8.2-6_amd64.deb//data.tar.xz//data.tar;VirtualBox Manager;Unknown object;09/24/2017 16:30:48
- HEUR.DoS.Linux.Agent.c
Sounds like one of the mirrors might be poisoned with a trojan