Blocklist Manager installer alert, F/P?

I wanted to use the Blocklist manager, which I thought is a fairly known application, but NOD32 v3 threw these alerts at me

4/23/2009 2:28:39 PM Real-time file system protection file E:\a-Apps\a-Apps-A3\BlockListMgr\Blocklist_Manager_Install_2.7.7.exe Win32/NetTool.Portscan.C application NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Opera\opera.exe.

4/23/2009 2:28:03 PM Real-time file system protection file C:\Documents and Settings\Owner\Local Settings\Application Data\Opera\Opera\profile\cache4\opr0465A Win32/NetTool.Portscan.C application NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\Program Files\Opera\opera.exe.

Am I supposed to worry, submit to ESET or what?

 

Hello,

I just tried downloading a copy of the file from the author on a system with virus signature database 4031 and was unable to reproduce this.

Can you please update your virus signature database to 4031 (or newer), try downloading the file again and report back what warnings you receive from your copy of ESET NOD32 Antivirus, if any?

Regards,

Aryeh Goretsky

 

My signatures are 4031 as well
What now?

 

I just tried again, same alert
I'm new to this, and this was the last link I used just now
http://blocklistpro.com/download-ce...1437-blocklist_manager_install_2.7.7.exe.html

another time it wasn't .htm, it was .exe, eventually I got both. I don't understand that site really.

 

agoretsky,
I just found a relevant post on this site
https://www.wilderssecurity.com/showthread.php?t=234851&highlight=protowall
what do you think - install it or not?

 

file0030.bin gives Nod concern.

 

Bubba,
How did you get this nice long log? And did you install from the same place I did?

Btw, I scanned the .html and .exe files separately few minutes ago. 121 objects each. NOTHING detected. Go figure.
Both files have identical CRC, MD5 and SHA values.

Anyway, here's another link - appears the alert is due to the angryIP port checking application (angryziber) which now is an optional item to install since people reported various antimalware complaints.
http://www.bluetack.co.uk/forums/lofiversion/index.php/t17393.html

 

By selecting Log all objects in the Other section of ThreatSense engine parameter setup for for the scan I ran which was On-demand computer scan.

The exe I downloaded was from the blocklistpro.com site.

Bubba

 

It's not FP. The installation package contains the IP Scanner tool which can be exploited for malicious purposes and thus it's detected as unsafe application.

 

Hmmmm, Same setting here, and no details for me. Though I did NOT do computer scan. The first bunch of alerts (initial post) were just from download. Then the second, from scanning the files by NOD in the context menu of explorer.
Do you think there might be a difference? Of course I'll find out when I scan the computer (I don't do that too often, real-time job is effective), but I thought you might now.

 

Makes perfect sense now. Thank you very much.
Had I known the portscan was part of an editor of IP files i wouldn't have bothered anybody here. Thanks to all