epg123.exe detected as a trojan

An evolving, supported alternative to Rovi
Forum rules
★ Download the latest EPG123 here: https://garyan2.github.io/ <> Setup guide here: https://garyan2.github.io/install.html
User avatar
garyan2

Posts: 7438
Joined: Fri Nov 27, 2015 7:23 pm
Location:

HTPC Specs: Show details

#21

Post by garyan2 » Sat Oct 01, 2016 3:40 pm

STC wrote:Luckily for me I run WMC on W7 with no AV. Is there a way to submit the false positive issue to MS?
Submitted to MS last night as the developer. Let's see what happens. VirusTotal had absolutely no detections (0/57) as well.
- Gary
Keeping WMC alive beyond January 2020. https://garyan2.github.io

Sammy2

Posts: 1708
Joined: Fri Aug 24, 2012 7:35 pm
Location:

HTPC Specs: Show details

#22

Post by Sammy2 » Sat Oct 01, 2016 6:52 pm

I'm on v1.0.0 rev2 after it was detected the first time. I have MSE set to do a nightly quick scan and thus far it has never been detected as a virus.

jdlive

Posts: 9
Joined: Thu Apr 07, 2016 1:37 pm
Location:

HTPC Specs: Show details

#23

Post by jdlive » Sun Oct 02, 2016 3:13 pm

Strange, I have 2 systems running epg123. Had the issue with automatch on FiOS, while fixing that I upgraded to 1.02 and it's not getting flagged at all, so that system works fine. The other was still on 1.01 and when I checked it yesterday it hadn't been updating because the .exe was flagged and removed. Tried updating it to 1.02 and it won't allow it, even using the downloaded file from the other system. Weird.

Sammy2

Posts: 1708
Joined: Fri Aug 24, 2012 7:35 pm
Location:

HTPC Specs: Show details

#24

Post by Sammy2 » Sun Oct 02, 2016 4:29 pm

MicroSoft doesn't appreciate us very much.

User avatar
spanner

Posts: 269
Joined: Mon Jun 06, 2011 6:36 pm
Location: Corbett Oregon USA

HTPC Specs: Show details

#25

Post by spanner » Mon Oct 03, 2016 4:30 am

saw this thread, so i checked my HTPC and sure enough epg123 had been removed a few days ago. I am running v1.0.2. Is it best to just disable security essentials for now? I am not seeing where to authorize it (edit: never mind I found it)

glorp

Posts: 369
Joined: Sun Sep 23, 2012 2:54 pm
Location:

HTPC Specs: Show details

#26

Post by glorp » Mon Oct 03, 2016 6:40 am

<nvm>

captain_video

Posts: 121
Joined: Sun Aug 21, 2011 8:52 pm
Location:

HTPC Specs: Show details

#27

Post by captain_video » Mon Oct 03, 2016 12:57 pm

I updated all three of my HTPCs with version 1.02 of epg123. When I copied the new epg123.exe over to the folder I noticed that the original .exe file had been removed. I figure there must be a way to exclude certain files or folders from being scanned in MSE, but I haven't had a chance to look at it yet.

User avatar
spanner

Posts: 269
Joined: Mon Jun 06, 2011 6:36 pm
Location: Corbett Oregon USA

HTPC Specs: Show details

#28

Post by spanner » Mon Oct 03, 2016 2:12 pm

captain_video wrote:I updated all three of my HTPCs with version 1.02 of epg123. When I copied the new epg123.exe over to the folder I noticed that the original .exe file had been removed. I figure there must be a way to exclude certain files or folders from being scanned in MSE, but I haven't had a chance to look at it yet.
In win 7 MSE its settings-exclude files or folders. hope this can be fixed for people that run epg123 and dont visit here often.

Sammy2

Posts: 1708
Joined: Fri Aug 24, 2012 7:35 pm
Location:

HTPC Specs: Show details

#29

Post by Sammy2 » Mon Oct 03, 2016 2:21 pm

Checked again this morning and my epg123 v1.0.0, Rev 2 (after it was tweaked when it was first getting the false positive Trojan in MSE) is still there and has not been picked out by MSE. I wonder if whatever tweak was made to the code then needs to be implemented in the later versions. I decided to not update to these versions being as mine works fine and there was very slight regression in v1.0.1 and v1.0.2 still is getting picked up as a Trojan. I think I'll stay put on v1.0.0 for now.

captain_video

Posts: 121
Joined: Sun Aug 21, 2011 8:52 pm
Location:

HTPC Specs: Show details

#30

Post by captain_video » Tue Oct 04, 2016 12:38 pm

spanner wrote:
captain_video wrote:I updated all three of my HTPCs with version 1.02 of epg123. When I copied the new epg123.exe over to the folder I noticed that the original .exe file had been removed. I figure there must be a way to exclude certain files or folders from being scanned in MSE, but I haven't had a chance to look at it yet.
In win 7 MSE its settings-exclude files or folders. hope this can be fixed for people that run epg123 and dont visit here often.
Thanks. I excluded the epg123 folder in MSE on all of my HTPCs last night. This should hopefully eliminate any future deletions of the epg123.exe file.

User avatar
IT Troll

Posts: 1172
Joined: Sun Nov 27, 2011 9:42 am
Location: Edinburgh, UK

HTPC Specs: Show details

#31

Post by IT Troll » Tue Oct 04, 2016 9:58 pm

Not getting flagged for me on Windows 8.1 running Windows Defender. Which I am sure uses the same definition files. :eh:

I've added an exception though just in case...
Are you a Recorded TV HD user or want to give it a try? Check out the new community-made update; Recorded TV HD v2.1.1

User avatar
garyan2

Posts: 7438
Joined: Fri Nov 27, 2015 7:23 pm
Location:

HTPC Specs: Show details

#32

Post by garyan2 » Wed Oct 05, 2016 3:37 am

Just got a response from the Microsoft on the false detects. Looks like v1.0.2 is now good-to-go with Windows Defender and MSE.
Microsoft Malware Protection Center wrote:New definition library for Microsoft Anti-Malware has been updated. We believe this new definition library contains the updates necessary to resolve your question in regards to Microsoft Anti-Malware.

New definition library is now available for users who subscribe to the automatic definition update mechanism, as well as users who choose to manually update their definition library.

We encourage you to try these new definitions and ensure your inquiry has been resolved. If your machine has not been updated with this version of definitions you can download and install the definitions manually following these steps:

• Go to http://www.microsoft.com/security/porta ... s/adl.aspx
• Download the corresponding definitions (32 bit or 64 bit based on your operating system)
• Run the downloaded file to install the new definitions

In case of any further incorrect detections, we ask that you to submit the actual file sample that is detected by the Microsoft Anti-Malware solutions and mark it as an Incorrect Detection (select option “I believe this file should not be detected as malware”). Please make sure you provide your email account details when submitting samples in order to ensure submission communication is complete.

You can use our portal submission form when submitting samples for further investigation available here:
https://www.microsoft.com/security/port ... ubmit.aspx

We apologize for any inconvenience this may have caused. If you have any additional questions related to this inquiry, please contact us at mpcreply @ microsoft.com. Should you need to contact us in the future regarding a question unrelated to this inquiry, please fill out the appropriate form at http://www.microsoft.com/security/porta ... urces.aspx .

Thank you for contacting Microsoft.

Sincerely,
Microsoft Malware Protection Center
- Gary
Keeping WMC alive beyond January 2020. https://garyan2.github.io

User avatar
STC

Posts: 6808
Joined: Mon Jun 06, 2011 4:58 pm
Location:

HTPC Specs: Show details

#33

Post by STC » Wed Oct 05, 2016 1:21 pm

Great news, hopefully.
By the Community, for the Community. 100% Commercial Free.

Want decent guide data back? Check out EPG123

glorp

Posts: 369
Joined: Sun Sep 23, 2012 2:54 pm
Location:

HTPC Specs: Show details

#34

Post by glorp » Wed Oct 05, 2016 3:58 pm

Translation: "We'll no longer detect the software that allows our software to be used again as intended, as a virus."

Sammy2

Posts: 1708
Joined: Fri Aug 24, 2012 7:35 pm
Location:

HTPC Specs: Show details

#35

Post by Sammy2 » Wed Oct 05, 2016 4:36 pm

You go first!

[Until then, I'm sticking on 1.0.0 which hasn't been affected by this or by the missing channels issue]

I know this will all be worked out but I'm willing to wait on it with my production WMC..

Sammy2

Posts: 1708
Joined: Fri Aug 24, 2012 7:35 pm
Location:

HTPC Specs: Show details

#36

Post by Sammy2 » Wed Oct 05, 2016 4:37 pm

glorp wrote:Translation: "We'll no longer detect the software that allows our software to be used again as intended, as a virus."
Pretty much..

Sammy2

Posts: 1708
Joined: Fri Aug 24, 2012 7:35 pm
Location:

HTPC Specs: Show details

#37

Post by Sammy2 » Sat Oct 08, 2016 8:21 pm

Soo

I've been holding on v1.0.0. Is it safe to update now? IIR v1.0.1 had a little bit of regression but is v1.0.2 good to go with no false positives?

Post Reply