Entropia Universe Helper?

I got this mail today, and I'm not sure I can thrust it.

It ended up in my spam mail, and offers me to download from mediafire instead of their own FTP.

Sender is: planetcalypso@entropiauniverse.com

EDIT: If you do get infected: kill the process called "internet.exe" (You can do this with ctrl+alt+del>Task Manager>Processes. Then right-click on the process and choose "End process".)

Then go to Start>All programs>Startup. Delete Internet.exe, while holding the shift key down, this makes sure the program is completely removed.

Now you'll have to change all proxy servers used by your machine:

Start up Internet Explorer and go to Tools>Internet Options>Connections>LAN-Settings. You will see that is uses a proxy, if you weren't using one before, you can switch the proxy off. If you were using one, re-enter the data.

---This proxy is used by all other programs as well, like EU, windows Update, etc...---

In Firefox, you can use this document: http://support.mozilla.com/en-US/kb/Options window - Advanced panel?s=proxy&as=s
Scroll down to connection. If you haven't used a proxy before, you should use "No proxy"

In Chrome, use this document: http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=106010

In Opera, use this document: http://www.opera.com/support/kb/view/332/
This doesn't explicitly say how to disable a proxy, but I'm sure you can find the option to disable the proxy.

NOTE: You can set all browsers to use the machine's proxy as well, this way you'll only have to change one proxy.

If I haven't added instructions for your browser, head over to their website and go to the support section. You should be able to search for "proxy" here. This will bring you to a page, explaining how to change proxies.
A search on Google with "[browser name] proxy" will also return these pages.

This is all I could find about the virus. It is however possible that a keylogger is sent with the program as well, but I haven't noticed any yet.
So be cautious when playing any games. You can use the screen keyboard if you want to be really sure (Windows Vista and newer: Start>Search Bar>"osk.exe"> Enter. Older: Start>Run>"osk.exe">Enter.)

 

Thought I could test it anyways, seems like it fucked up my internet connection..

 

Have taken a look at the header, it's from Russia...

 

Ok, I found out it contained a virus, which dropped a proxy configuration...

 

Did some check with avast, malwarebytes, ... So I'm pretty sure it's ok :)

 

Will do a few more scans ;) I do not have a goldcard.. How much do they cost?

I really have no idea how they might have gotten my e-mail..

Sent a support with the e-mail, yesterday. But I haven't had any response yet.

 

Oh.. They're in PED :/ Well, I'll just be careful then.. Second round of scans is almost done :)

 

Don't think it will be necessary ;) Located all malicious files and registry keys. I'm gonna play on an alternate my brother's best friend's uncle's son's account for a few days now, just to be sure..

 

My sister's account? No; my brother's best friend's uncle's son's account..

 

Added removal instructions to the OP

 

It does remove it. The whole .exe is placed in there, and not just a shortcut.