If you notice these files then it is safe to assume you are infected. To remove these please delete the following: \WINDOWS\system32\d3dclsrv.dll \WINDOWS\system32\ndsdavsrv.sys \WINDOWS\system32\comclg32.dll Then open the registry (START > RUN > type ‘regedit’). In the folder view on the right please open up the following path: HKEY LOCAL MACHINE\System\ControlSet001\Services\ndsdavsrv In that folder you will see the following: ImagePath=\??\C:\WINDOWS\System32\ndsdavsrv.sys . Please delete this entry. Reboot your machine. Go back to the registry (START > RUN > type ‘regedit’) and open the following path: HKEY LOCAL MACHINE\ Software\Microsoft\Windows\CurrentVersion\Run You will see the following key. Comclg32=C:\WINDOWS\System32\utlsrv.exe /Comclg32.dll Please delete that entry. Now bring up your Task Manager (CTRL+ALT+DEL, click the Processes tab). Look for the program utlsrv.exe and right click on it and select End Process. Open the C:\Windows\System32 folder and find the file utlsrv.exe. Delete it. CHANGE ALL OF YOUR POKER SITE PASSWORDS Please delete all instances of rbcalc (RBCalc.exe). We do not want any users running this software. The software will no longer be supported and the web pages will be replaced with the message you are reading now. Although this software was infected, we have thoroughly examined our websites and have found that none of them were compromised. The person who programmed this file did not have access to any of our sites. He would send updates by way of email, we would virus scan it (what good that did!), and then we would upload it to our website. Any information stored on Rake Tracker, Your Poker Cash, and Check Raised remains secure and safe. To prevent such situations from happening in the future, we do not plan on developing any executable applications. In addition, all future programming will be done in-house to ensure the maximum safety that we can provide to our users. We have submitted all of the information that we have to CERT, Symantec, McAfee, and TrendMicro. Please help us heighten awareness of this issue and forward this page to the developer of your anti-virus software. We are deeply sorry for any trouble we may have caused. We hope that we have not ruined your trust and faith in us, but right now our highest priority is protecting any and all users and removing this potentially damaging software from all computers.