It has been reported that the AVG antivirus finds a trojan in some MegaEPG executable files. I tested the distributions on the sites and found that the megaepg_setup on the mirror site (a Google page, by the way) was changed! I don't know who an how changed the file and whether a virus was injected in. All I know right now is that the file has no digital signature I signed it with. I will continued the investigation tomorrow. I have removed the megaepg_setup from the mirror and would like to ask everyone who lately downloaded the megaepg_setup.exe from the mirror link to verify its digital signature (Right mouse click, Properties, the tab "Digital Signatures" should be there and the signature must be valid, otherwise the file is NOT genuine) and if the signature does not exist or not valid, remove the program immediately, download and install it from the site.
Always (always!) verify the file signature *before* running the megaepg_setup. Read more about the signature and pvr.co.il root certificate installation. Stay tuned, more clarification is to come.