Apache Benchmark: Stress-Test Apache With ab

Posted by Rakesh under Research, Technology

I’ve been having some issues with Apache lately in that it and MySQL aren’t playing nicely performance-wise. I’ve raised meaningful numbers. I’ve raised, lowered, raised, lowered, deleted, added, moved, and raised meaningless numbers. I’ve done a lot.

In the end, “time wget” gets you only so far when it comes to seeing how fast a page loads. Once you get Apache doing its job, it’s down to the database and the PHP code that’s running it all and that can get real fun to test.

Happily, Apache includes a very useful tool (in my experience) for hammering the living hell out of a server. It’s called Apache Benchmark (“ab” is the binary’s name) and it can really hand a server it’s own ass if you don’t watch it.

ab -kc 10 -t 30 http://localhost/

That will open 10 connections, use Keep-Alive on them, and then hammer localhost for 30 seconds through those connections. When done, you get a pretty little chart telling you what broke and how long it took to start screaming. Try fifty KA connections for five minutes if you really feel sadistic. That’d be equal to a very high-end hammering from Fark or Slashdot. Watch your server cry.

For best results, though, use it on another machine. You want to not only test the network connection but also leave the server’s CPU and OS to think about serving, not about pulling it down as well.

ab is included in Mac OS X as a part of the built-in Apache-based PWS.

If you want to hide your IP address (in order to protect your privacy) then you can send multiple requests to specific sites / webpages in specific time span via Proxy Server. You just release the following command from the commandline (Apache Server must be installed on your computer):

rakesh@debian ~]$ ab -kc 10 -t 30 -X 128.119.41.210:3128 http://localhost

Whereas:

ab Apache Benchmark

-k Enable the HTTP KeepAlive feature, i.e., perform multiple requests within one HTTP session.

-c Number of multiple requests to perform at a time. Default is one request at a time.

-X Use a proxy server for the requests.

-t timelimit: Maximum number of seconds to spend for benchmarking.

For option please read the manual.

Manual for Apache Benchmark tool:

NAME
ab – Apache HTTP server benchmarking tool

SYNOPSIS
ab [ -A auth-username:password ] [ -c concurrency ] [ -C cookie-name=value ] [ -d ] [ -e csv-file ] [ -g gnuplot-file ] [ -h ] [ -H custom-header
] [ -i ] [ -k ] [ -n requests ] [ -p POST-file ] [ -P proxy-auth-username:password ] [ -q ] [ -s ] [ -S ] [ -t timelimit ] [ -T content-type ]
[ -v verbosity] [ -V ] [ -w ] [ -x

-attributes ] [ -X proxy[:port] ] [ http://]host‐name[:port]/path ]

SUMMARY
ab is a tool for benchmarking your Apache Hypertext Transfer Protocol (HTTP) server. It is designed to give you an impression of how your current
Apache installation performs. This especially shows you how many requests per second your Apache installation is capable of serving.

OPTIONS
-A auth-username:password
Supply BASIC Authentication credentials to the server. The username and password are separated by a single : and sent on the wire base64
encoded. The string is sent regardless of whether the server needs it (i.e., has sent an 401 authentication needed).

-c concurrency
Number of multiple requests to perform at a time. Default is one request at a time.

-C cookie-name=value
Add a Cookie: line to the request. The argument is typically in the form of a name=value pair. This field is repeatable.

-d Do not display the “percentage served within XX [ms] table”. (legacy support).

-e csv-file
Write a Comma separated value (CSV) file which contains for each percentage (from 1% to 100%) the time (in milliseconds) it took to serve
that percentage of the requests. This is usually more useful than the ’gnuplot’ file; as the results are already ’binned’.

-g gnuplot-file
Write all measured values out as a ’gnuplot’ or TSV (Tab separate values) file. This file can easily be imported into packages like Gnu‐
plot, IDL, Mathematica, Igor or even Excel. The labels are on the first line of the file.

-h Display usage information.

-H custom-header
Append extra headers to the request. The argument is typically in the form of a valid header line, containing a colon-separated field-value
pair (i.e., “Accept-Encoding: zip/zop;8bit”).

-i Do HEAD requests instead of GET.

-k Enable the HTTP KeepAlive feature, i.e., perform multiple requests within one HTTP session. Default is no KeepAlive.

-n requests
Number of requests to perform for the benchmarking session. The default is to just perform a single request which usually leads to non-rep‐
resentative benchmarking results.

-p POST-file
File containing data to POST.

-P proxy-auth-username:password
Supply BASIC Authentication credentials to a proxy en-route. The username and password are separated by a single : and sent on the wire
base64 encoded. The string is sent regardless of whether the proxy needs it (i.e., has sent an 407 proxy authentication needed).

-q When processing more than 150 requests, ab outputs a progress count on stderr every 10% or 100 requests or so. The -q flag will suppress
these messages.

-s When compiled in (ab -h will show you) use the SSL protected https rather than the http protocol. This feature is experimental and very
rudimentary. You probably do not want to use it.

-S Do not display the median and standard deviation values, nor display the warning/error messages when the average and median are more than
one or two times the standard deviation apart. And default to the min/avg/max values. (legacy support).

-t timelimit
Maximum number of seconds to spend for benchmarking. This implies a -n 50000 internally. Use this to benchmark the server within a fixed
total amount of time. Per default there is no timelimit.
-T content-type
Content-type header to use for POST data.

-v verbosity
Set verbosity level – 4 and above prints information on headers, 3 and above prints response codes (404, 200, etc.), 2 and above prints
warnings and info.

-V Display version number and exit.

-w Print out results in HTML tables. Default table is two columns wide, with a white background.

-X proxy[:port]
Use a proxy server for the requests.

Big Brother is Watching — Protect Your Web Searches!

Posted by Rakesh under FYI, Life, Technology, Uncategorized

Advances in technology, including the internet, have dramatically changed the way we collect and use personal information. Personal information can be transferred globally and more rapidly now than ever before. This has influenced the way we think about privacy and the protection of personal information.

Surfing the Internet can be fun and educational. Email is a great way to stay in touch with family and friends, Chat groups and discussion groups allow you to communicate with people with similar interests.

Most people are aware of the Internet’s benefits, but not everyone is aware of how the Internet can threaten personal privacy and the steps you can take to protect your privacy in cyberspace. There are some simple steps you can take to safeguard your own privacy, and you do have certain protections under the Personal Information Protection and Electronic Documents Act.

As some of you know, January 28 marks the anniversary of the Council of Europe Convention on Data Protection, the most important international law for privacy. On this particular day, a group of friends were having conversation and one of my friends asked me, “Why we celebrate International Privacy Day?”. I said the organization aims to make people aware of privacy and the protection of online data i.e. Big Brother is watching you always, so you protect your privacy.

Now question is, who is watching YOU, and HOW you can protect yourself. While browsing the web, finding information on the Web, logged into services like Hotmail, Gmail, Yahoo Mail, etc they’ve stored your personal information/ data like your computer’s IP address, cookies, user name, passwords, etc on their systems. They use your Internet protocol (IP) address and cookies (small bits of text stored on your computer) in order to identify yourself — who you are, where you come from and why you were there.

How IP address, Cookies and Personal Identifiable Information helps to identify you and know about yourself:

1. Cookies are small files that a website can place on your computer; cookies are supported by most of the major web browsers. Cookies serve all sorts of purposes, such as identifying users, maintaining state, and storing preferences.

Cookies identify users by allowing a web site to place a unique identifier such as an id number on your computer. When you return to the web site or move to a new page, the site reads the ID from the cookie and reloads your records. Advertisers can use cookies to track the ads you see, and webmasters can use cookies to record how many times you visit their sites.

2. IP addresses are logged by their systems for logins, report views and other website-based activities. This is done for administration purposes and to aggregate information about their users’ browsing habits.

3. Personally identifiable information is any piece of data about a person that can, in any way, identify them or allow someone to contact them. This includes names, email addresses and phone numbers.

As such I said to my friends, you know what one of my friends said? He said, “My goodness, it’s my whole personal life, I had no idea somebody was looking over my shoulder.”

You may remember AOL search data scandal in mid-2006. AOL Research released a compressed text file on one of its websites containing 20 million search keywords for over 650,000 users over a 3-month period, intended for research purposes. Later AOL pulled the file from public access, but not before it had been mirrored and distributed on the Internet.

While none of the records on the file are personally identifiable per se, certain keywords contain personally identifiable information by means of the user typing in their own name (ego-searching), as well as their address, social security number or by other means. Each user is identified on this list by a unique sequential key, which enables the compilation of a user’s search history.

AOL acknowledged it was a mistake and removed the data, although the files can still be downloaded from mirror sites. Additionally, several searchable databases of the report also exist on the internet.

The user search records has prompted many people to examine their search methods. While no one approach is absolutely foolproof, using a combination of common sense searching strategies will make it harder for engines (or anyone else) to put together a detailed profile of you. Keep reading today’s feature for a few ways to protect yourself from search engines.

The biggest problem with AOL’s search records release was not what the individual queries revealed (although some of them were pretty disturbing); it was the fact that any search could be tied to one unique user ID. Looking at someone’s individual searches is not necessarily invasive – however, tie all those searches to one unique user ID and we’ve got a problem.

For example:

User 7777155 searched for 1974 Silverado truck parts, Sportsline, and Yahoo fantasy baseball. Sounds like a nice guy, eh? Maybe – he also searched for “free MILF hunter password”, “you know when your a mexican when” jokes, and something called “assparade.”

Or how about these: individual users searched for “suspended license due to child support” along with “chapter 1 of reaching your potential”, “the incredible by pixar” and “cheap liquor” (?), or “battlefield 2 torrent”, “fake doctor note”, “custom gold grills”, and “ice cream shoes” (sounds like this person’s got a full day of non-stop fun planned).

A savvy data miner could use this data – which does include personal information such as SSN’s, phone numbers, names, addresses, etc – and go crazy: targeted spam, identity theft, the possibilities are endless.

Here are a few things your search engine knows about you:

If you’ve logged into services like Gmail, Yahoo Mail, etc – they’ve got your user name and passwords at the very least. For example: if you’ve taken advantage of Google’s integrated stable of services, you’ve pretty much given over the keys to the privacy kingdom, so to speak. I am NOT advocating that everyone quit Google, just giving you a heads-up.

All your IP addresses are belong to us. Your IP address coughs up quite a bit of relevant info, such as your ISP, city, state, region, and more.

Cookies, yum! Your individual searches and repeat visits to the same site can be tied together by cookies.

In addition, all search engines keep at least some of your searches for an undetermined period of time…that means that your search for the NKOTB back in the day might come up again. What’s a searcher to do? Actually, there’s quite a bit you can do to make your searches more private-note that I didn’t say “completely private”, because no one method is foolproof. However, if you mix up these tips you stand a much better chance of keeping your search records to yourself.

Tweak your browser: This is the first and easiest step that any privacy-conscious surfer should take to increase security. There’s quite a few ways that you can configure your browser to be more private.

Newer version of Firefox 3.5+, Internet Explorer 8 and other browsers has very useful feature called “Start Private Browsing” — is to put your browser into a temporary state where no information about the user’s browsing session is stored locally. If “Start Private Browsing” is turned ON, your computer does not keep any browser history, search history, download history, web form history, cookies, or temporary internet files.

Proxy: Using a proxy – think of it as a search prophylactic – is a great way to hide your tracks.

Here are a few good ones:

* Anonymouse
* Privoxy
* Scroogle (not a proxy so much as it’s a Google alternative that disables some of the more insidious data storage processes)
* BlackBoxSearch
* 250+ working proxies for safe access from work and school

There’s no perfect solution
None of these tips will keep you anonymous from a search engine 100 percent. The best way to keep your information private would be to get off the webernets completely, but as that’s not an option for most of us, the second best is to use a combo of security methods to cover as much of your virtual booty as possible. What are your best search privacy tips? Thoughts to comments or to tips at A|RAKESH.com.

Enjoy private and safe browsing…:-)

e-filing of I-T returns

Posted by Rakesh under FYI, Life, Nxt, Uncategorized

It is not needed to be a Chartered Accountant or knowledge of accounts to file Income Tax Returns. One of the most important aspect of Income Tax is filing Income Tax return. Individuals with income exceeding the non-taxable income slab, filing of Income Tax Return for the full financial year is mandatory.

To cope up with the latest technology and changing world, the Income Tax Department of India has launched a convenient, hassle-free and fast online service for filing Tax returns known as E-filing through Internet. Most of the sites which provide these facilities also provide free tax filing, i.e. filing your tax returns online without any charges. It not only saves time but is also more convenient. Any individual failing to file return within the specified period is also allowed to file a late return. Moreover, free tax filing service is very handy as through it individuals can file their Income Tax Returns by sitting at home or from any place where Internet is available.

Income Tax Return Forms, also known as ITR ranges from ITR-1 to ITR-8. Each form covers different set of tax payers which include individuals and even the companies so that they can furnish all the informations with respect to the transaction that are posted via annual information returns (AIR). Large transactions like in real estate and mutual funds are reported to the income tax department by banks and several other authorities with the help of user’s permanent account number (PAN). The Income Tax return Forms are divided into several categories. ITR 1 to ITR 4 are for individuals, ITR 6 and ITR 7 are for companies and ITR 8 is for fringe Benefits. These ITR forms can be downloaded from the concerned websites which might be offering free tax filing. However, some sites also charge a nominal fees for filing the return.

One more important aspect of filing Income tax return is the recent innovation, income tax calculator . Basically, it is designed for the individuals who are paying the tax to the government. Since 2005, a more advanced form of calculating income tax has been introduced, which is known as True tax calculator. It produces 2 reports, one in computerized form and other in Saral form (form 2D). Individuals who have to pay the tax have to furnish the details of all the income earned, in it. The Saral form of the 2 reports is printed in the original format and is submitted with the Income tax Department.

Income tax return should be filed within the specified period to avoid any penalty. Also, defective returns should be rectified within 15 days from the date of such intimation. Individual should keep in mind to see the heads of Income and decide which type of assessee s/he is and then select the form accordingly. The individual should mention all its sources of income with income amount correctly and should submit the form to the Income tax department ors/ he can also submit the form online as the income tax department offers free tax filing on cyber world.

Salaried individuals these days can pay most bills online. But what about income tax returns? Salaried individuals and Hindu undivided families (HUFs) can file their tax returns online (also called e-filing).

As we are all aware that the CDBT has vide notification dated 15-05-2007 issued a new set of Forms to be filled in for the Assessment Year 2007-08 and it is effective from 15-05-2007.

Following is a small and simple guide to filling the forms.

Documents to keep ready

• Form No. 16 (received from the employer): This will help to know your income from

  salary and tax deducted by your employer from your

  salary income.
• Form No. 16A (received from all the payers who have deducted tax): You will first have to get this form collected from the parties who have deducted tax while making payment to you during

  the year. This includes banks and companies (with whom you have kept fixed deposits), parties to whom you have given loan, tenant to whom you have rented your property, et cetera.
• Balance Sheet and Profit and Loss Account
• Tax Audit Report, if any
• Working of FBT
• Certificate of MAT working (in case of Companies).
• Summary of all bank accounts operated during

  the year: This summary will give an idea about all the income earned during the year and investments and expenditure incurred. This assures that no part of income is left out and you do not miss out any eligible deductions.
• Summary of all other earnings including Interest on Fixed deposits, Dividends earned etc.
• Copies of all investments made to claim deductions viz LIC Premium Receipts, PPF Copy, Copies of other investments etc.
• Details of property owned during

  the year: If you have bought some property during

  the year, you will need details of rent received and receipts of municipal tax paid during

  the year. In addition to this, if you have taken this property through a loan, do carry the loan details and a copy of certificate of interest paid during

  the year.
• Sale & purchase bill / documents / contract note in respect of investments / assets sold during

  the year: You will also need purchase documents corresponding to the sales made during

  the year. In case of a large number of transactions, it is advisable that you prepare a statement of sale and corresponding purchase of these investments and arrive at the amount of profit or loss, before actually calculating your taxable income.
• Details of tax payments made during

  the year: This is required only if you have made advance tax payment during

  the year.

Which ITR Form is applicable to you? With the introduction of new

income tax return forms based on nature of income earned during

the year, one needs to know relevance of each return form and select the right form.For an individual, four forms have been introduced, the details of which are as under:

ITR – 1 Meant for Individuals, who have a) Income from

salary b) Interest income (taxable / exempt) c) Family pension d) Income from agricultural activities

In other words, this form is not applicable in the following situations:

a) Individual having any income (taxable / exempt) other than mentioned above b) Any brought forward loss of earlier years c) Any income of other person to be included d) Any person having Income / Loss from House Property

ITR – 2 Individuals / HUF not having any income on account of carrying out business / profession or on account of being a partner in a partnership firm. It includes individuals who have only Salary Income but want to claim Interest on Housing Loans

ITR – 3 Individuals / HUF who are partners in a partnership firm and does not carry out any other separate business / profession. In other words Individuals / HUFs who are Partners in a firm but who do not carry out any independent business of their own.

ITR – 4 Individuals / HUF who is carrying out business / profession under a proprietary concern.

ITR – 5

Firms / AOP / BOI (other than Trusts claiming exemption u/s 11) and this includes the Fringe Benefit Tax Return.

ITR – 6 Companies (other than Companies claiming exemption u/s 11) and this includes the Fringe Benefit Tax Return.

ITR – 7 Trusts and Companies claiming exemption u/s 11 and this includes the Fringe Benefit Tax Return.

ITR – 8 Return of Fringe Benefits

Acknowledgement Non E-filing Acknowledgement to be filled in case of filing in Physical Form

ITR – V Acknowledgement to be filled in case of Electronic filing without a Digital Signature

Last date for filing tax returns The last date for filing return of income for

the year ended March 31, 2007 for Individuals, Firms, Trusts, AOP, BOI, Co-operative Societies and Local Bodies (Other than those who are required to get their accounts audited) is July 31, 2007 and for Companies and others, it is October 31, 2007.

Consequences for not

filing tax return by the last date If individuals file their returns after the last date mentioned above, they will be charged a penal interest at the rate of 1% per month of delay on the taxes, if any remaining unpaid. However, if such a return is filed after March 31, 2008, apart from the penal interest, they will also be liable for a penalty of Rs 5,000.

How to file the tax return Today there are two options available to the individuals to file their return of income:

a)

Electronic filing;

b) Physical filing

It is mandatory for Companies and

Firms who are required to get their accounts audited under the Income Tax Act, 1961 to file their returns through

Electronic Filing only.

As a temporary relief to

firms, The CBDT has temporarily allowed them to file returns in Physical Format, till the Software is ready and subsequently they have to again file the Returns in Electronic Form.

The CBDT has initiated the Process of getting the Softwares for filing R eturns Online ready and they are expected to be ready by ( I dont know when they will be available).

Under

Electronic filing, the individual will have to follow the following procedure:

• Get the tax return in a valid XML format (through the Income Tax department site or other online tax

  preparation sites)
• Visit the Income Tax site http://www.incometaxindiaefiling.gov.in/
• Log on using the user-ID and password (username is usually the 10 digit PAN No.) Select the respective ITR form
• Upload the XML file generated
• Upon uploading, an acknowledgement will be generated.
• If the file is uploaded with a digital signature, then the process of filing return is completed.
• However if the file is uploaded without a digital signature, the individual will have to print form ITR-V and submit the same to the Income Tax department physically. The process of filing return will be completed only on physical filing of ITR-V.

For Physical filing, the individual will have to take a print out of the respective ITR form along with the Acknowledgment form and file it with the Income Tax Officer. Whether it is

electronic filing or physical filing, under the new procedure, individuals do not have to attach any documents or enclosures with

the return of income, except a Report on Transfer Pricing, which needs to be attached along with the acknowledgement.

Kindly go through the Instructions thoroughly before filing the forms and fill out the proper codes wherever applicable. Fill in all the coloumns and in case some coloumn is not applicable just mention N A or Nil.

It thus becomes very important to scrutinize the forms properly before submitting, so that one can ensure that no part of the form is left unfilled or not properly filled, which may lead to several consequences under the Income Tax Act, 1961.

In case of Individuals and HUF it is also important to fill in the details of transactions reported through Annual Information Report (If any) like

1. Cash deposits aggregating to ten lakh rupees or more in a year in any savings account maintained in a banking company to which the Banking Regulation Act, 1949 (10 of 1949), applied (including any bank or banking institution referred to in section 51 of that Act)
2. Payment made against bills raised in respect of a credit card aggregating to two lakh rupees or more in a year.
3. Payment made of an amount of two lakh rupees or more for purchase of units of Mutual Fund.
4. Payment made of an amount of five lakh rupees or more for acquiring bonds or debentures issued by a company or institution.
5. Payment made of an amount of one lakh rupees or more for acquiring shares issued by a company.
6. Purchase of any immovable property valued at thirty lakh rupees or more.
7. Sale of any immovable property valued at thirty lakh rupees or more.
8. Payment made of an amount of five lakh rupees or more in a year for investment in bonds issued by Reserve Bank of India.

Documents to preserve

Since the tax-payer is not required to submit any additional documents along with the return of income, the documents may be called at the later stage by the Income Tax Officer to check the correctness of the claim made. Hence, it is advised that the individual preserve all the documents required to substantiate the return of income filed. Some of the documents are enumerated below:

• Detailed calculation of taxable income and amount of tax payable / refundable.
• Balance Sheet and Profit and Loss (If any prepared)
• All Audited Accounts
• Audit Reports
• Tax Audit Reports
• MAT report under section 115JB Form No. 16 / 16A (original).
• Counterfoil of all the tax payments made during the year.
• FBT Challans.
• Computation of FBT
• Computation of Depreciation under Income Tax Act, 1961
• Copy of documents concerning sale of investments and properties.
• Copy of bank statements.
• Copy of proof for all the deductions and exemptions claimed in the return of income (viz. PPF Challans, LIC Premium Receipts, Mediclaim Receipts to name a few)

Common mistakes people make while filing tax returns

• The most common notion among salaried employees is that since tax has already been deducted from their salary, there is no need to file their income tax returns. This is not at all true or legal. Even though tax has been deducted and there is no further liability to pay tax, an employee has to compulsorily file his / her income tax return. Form No. 16 received from employer is not their income tax return.
• Employees do not include the interest that they receive on their savings bank account. The entire interest earned on your savings bank account is taxable.
• Omission of income received by a minor child. A minor child is not required to file a separate return of income. However, this income has to be included in the hands of either of the parents, although it might be a small amount of bank interest.

New IT Circular on filing Procedure of New Income Tax Return Form (ITR) for A.Y. 2009-10

• Form ITR-V is to be furnished within thirty days after the date of transmitting the data electronically. In case, Form ITR-V, is furnished after the above mentioned period, it will be deemed that the return in
  respect of which the Form ITR-V has been filed was never furnished and it shall be incumbent on the assessee to electronically re-transmit the data and follow it up by submitting the new Form ITR-V within thirty days.

• The assessee shall furnish the Form ITR-V to the Income-tax Department by mailing it to Income
  Tax Department CPC, Post Box No – 1, Electronic City Post Office, Bangalore – 560100, Karnataka within thirty days after the date of transmitting the data electronically.

• No Form ITR-V shall be received in any other office of the Income-tax Department or in any other manner.

• No disallowance of claim for pre-paid taxes shall be made by the Assessing Officer only on the ground that the TDS/TCS certificates and challans have not been furnished along with
  the return of income or Form ITR-V.

• The credit for any TDS or TCS claim will be allowed if the assessee quotes the relevant UTN for every TDS and TCS claim and the said UTN matches with the UTN in the database of the Income
  Tax Department.

• It is advisable, though not mandatory, to use a digital signature for electronically furnishing
  the return

• All returns filed electronically shall be processed, on priority basis, only at the Centralized Processing Centre of the Income-tax Department in Bangalore

NEW RETURN FORMS FOR ASSESSMENT YEAR 2009-10 MATTERS CONNECTED THERETO

CIRCULAR NO. 03 / 2009, DATED 21-5-2009

1. The Central Board of Direct Taxes have, vide notification S.O. No.866 (E) dated 27^th, March, notified the following new forms for Assessment Year 2009-10 :-

(i) ITR-1 return of income for individuals having income from salary/ pension/ family pension and not having any other income except income by way of interest chargeable to income-tax under the head Income from other sources;

(ii) ITR-2 return of income for Individuals and Hindu Undivided Families (HUFs) not having any income under

the head Profits or gains of business or profession;

(iii) ITR-3 return of income for Individuals and HUFs being partners in firms and not carrying out business or profession under any proprietorship;

(iv) ITR-4 return of income for individual and HUFs having proprietory business or profession;

(v) ITR-5 combined form for return of income and

fringe benefits for Firms/ Association of Persons / Body of Individuals;

(vi) ITR-6 combined form for return of income and

fringe benefits for companies (other than companies claiming exemption under section 11;

(vii) ITR-7 combined form for return of income and fringe benefits for persons including companies required to furnish return under section 139(4A) or section 139(4B) or section 139(4C) or section 139(4D);

(viii) ITR-8 stand alone form for return of

fringe benefits for persons who are not required to furnish return of income but are required to furnish return of

fringe benefits.

The above return forms are available at http//www.incometaxindia.gov.in.

2. Rule 12 of the Income Tax Rules, 1962 (hereinafter referred to as the said rule) provides for the form and the manner in which the income tax return is required to be furnished.

3. Sub-rule (3) of the said rule provides that return of income/

fringe benefits can be furnished in any of the following manners:-

(i) furnishing

the return in a paper form;

(ii) furnishing

the return electronically under digital signature;

(iii) transmitting the data in

the return electronically and thereafter submitting the verification of

the return in Form ITR-V;

(iv) furnishing a bar-coded return in a paper form.

4. Sub-rule (5) of the said rule provides that

the return of income/

fringe benefits for assessment year 2008-09 or any earlier assessment years shall be furnished in the appropriate form as applicable in that assessment year.

5 In exercise of the powers conferred by section 139D of the Income Tax Act,1961 (hereinafter referred to as the Act), ( read with clause (eebb) of sub-section (2) of section 295 of the Act, sub-rule (3) of the said rule provides that-

(a) it shall be mandatory for the firms to whom provisions of section 44AB are applicable and for the companies (other than the companies claiming exemption under section 11) to furnish

the return of income/

fringe benefits electronically in the manner mentioned at (ii) or (iii) of paragraph 3;

(b)

the return of income/

fringe benefits in Form ITR-7 by charitable/ religious trusts, political parties and other non-profit is to be furnished in the paper form only; and

(c) all other taxpayers have the option to furnish

the return of income/

fringe benefits in any of the manner mentioned in paragraph 3.

6. In exercise of the powers conferred by section 139C of the Income Tax Act,1961 (hereinafter referred to as the Act), read with clause (eeba) of sub-section (2) of section 295 of the Act, sub-rule (2) of the said rule provides that the returns required to be furnished in above mentioned Forms (except in ITR-7) shall not be accompanied by any attachments/ annexures. Thus, taxpayers should not enclose with these return forms any statement showing the computation of income or tax, copies of balance-sheet, profit and loss account, TDS/ TCS certificates, proof of payment of advance tax or self-assessment tax. However, these documents shall have to be produced before the Assessing Officer on demand by him. The Chief Commissioners of Income-tax/ Commissioners of Income-tax must ensure that documents if any, annexed with these returns or Form ITR-V are detached at the time of receiving these returns/ ITR-V and are returned to the taxpayers immediately.

7. Following clarifications are also issued in

respect of certain issues arising from furnishing the returns in the above mentioned forms:

(i) An assessee should obtain the report of audit from an accountant under section 44AB of the Act on or before the due date of the furnishing of

the return and should fill out the relevant columns of

the return forms on the basis of such report. However, the report of audit should not be attached with

the return or furnished separately any time before or after the due date. The assessee should retain the report with himself. If called for by any income-tax authority during any proceeding under the Act, it shall be incumbent upon the assessee to furnish/produce the same in original. No penalty under section 271B shall be initiated or levied for not furnishing the tax audit report on or before the due date. However, if the

audit report has not been obtained before the due date, provisions of section 271B shall continue to be attracted.

(ii) These returns are not to be accompanied with any other document including any statutory form or report of audit (other than the report under section 92E), which is otherwise required to be furnished before the due date or along with

the return for making any claim. The provisions of the law shall be deemed to have been complied with in

respect of the requirement of the filing of the attachments or documents or reports along with

the return. No penalty shall be initiated/ levied for not furnishing such documents if such documents were otherwise obtained before the specified date, if any, provided in the statute. All these documents should be retained by the taxpayers. If called for by any income-tax authority during any proceeding under the Act, it shall be incumbent upon the assessee to furnish/produce the same, in original.

(iii) The report as required under section 92E of the Income-tax Act should not be furnished along with the return. However, it should be separately furnished before the date specified in rule 10E.

8. As stated in paragraph 5 above, it is mandatory for a company and a firm liable to audit under section 44AB of the Act to furnish the return electronically. However, electronic filing is optional for other categories of tax-payers. The e-Return has to be furnished at http://incometaxindiaefiling.gov.in. Further, it is advisable, though not mandatory, to use a digital signature for electronically furnishing the return. If the return is electronically furnished under a digital signature, the tax-payer is not required to furnish the Form ITR-V with the Income-tax Department as a follow up to the electronic transmitting of data in the return. Similarly, any return which is digitally signed by the assessee and filed with an E-Return Intermediary (ERI), who, in turn, submits the return to the Income Tax Department under his digital signature, will also be deemed to have been filed under a digital signature of the assessee and no Form ITR-V is required to be submitted. In such cases, the date of electronic transmission of the data in the return shall be the date of furnishing the return.

9. However, if the assessee does not use a digital signature for electronically transmitting the data, he is required to follow-up the electronic transmission of the data by submitting the Form ITR-V with the Income-tax Department as verification of the electronic filing of the return. In such a case, the date of transmitting the data electronically will be the date of furnishing the return if the Form ITR-V is furnished within thirty days after the date of transmitting the data electronically. In case, Form ITR-V, is furnished after the above mentioned period, it will be deemed that the return in respect of which the Form ITR-V has been filed was never furnished and it shall be incumbent on the assessee to electronically re-transmit the data and follow it up by submitting the new Form ITR-V within thirty days.

10. Since the Form ITR-V is bar-coded, assessee is advised not to fold the same and post it in A4 size envelope. The assessee shall furnish the Form ITR-V to the Income-tax Department by mailing it to Income Tax Department CPC, Post Box No – 1, Electronic City Post Office, Bangalore – 560100, Karnataka within thirty days after the date of transmitting the data electronically. The Post Box shall deliver all the Form ITR-V to the Centralized Processing Centre (CPC) of the Income-tax Department in Bangalore. Upon receipt of the Form ITR-V, the CPC shall send an e-mail acknowledging the receipt of Form ITR-V. The e-mail shall be sent in due course to the e-mail address furnished by the tax-payers in his return. No Form ITR-V shall be received in any other office of the Income-tax Department or in any other manner.

11. All returns filed electronically shall be processed, on priority basis, only at the Centralized Processing Centre of the Income-tax Department in Bangalore.

12. Since no documents are required to be furnished along with the return of income, the credit for Tax Deducted at Source (TDS), Tax Collected at Source (TCS), advance tax and self assessment tax (hereinafter collectively referred to as pre-paid taxes) shall be allowed on the basis of information relating to pre-paid taxes furnished in the relevant schedules of the return forms subject to matching with the information provided by the deductor, collector and the banks. Therefore, tax payers are advised to ensure that the information relating to pre-paid taxes is complete in all respect and correct. With a view to enabling the matching of information relating to pre-paid taxes furnished by the tax payers, the Income-tax Department has created a system of Unique Transaction Number (UTN) and Challan Identification Number (CIN). Assesses must ensure that the deductor and the collector have provided them with separate UTNs in respect of each TDS and TCS transaction. Similarly, they must also ensure that the UTN for every TDS and TCS claim in the return is correctly filled in. Similarly, they must ensure that they correctly fill in the CIN in respect of payments of advance tax and self-assessment tax. Further, no disallowance of claim for pre-paid taxes shall be made by the Assessing Officer only on the ground that the TDS/TCS certificates and challans have not been furnished along with the return of income or Form ITR-V.

13. The return of income in Form No. ITR-1 to Form No.ITR-8 for Assessment Year 2009-10 have been notified which require, amongst other, the quoting of the relevant UTN for every TDS or TCS claim made by the assessee. Therefore, the credit for any TDS or TCS claim will be allowed, amongst others, if the assessee quotes the relevant UTN for every TDS and TCS claim and the said UTN matches with the UTN in the database of the Income Tax Department. With a view to enabling the processing of returns relating to financial year 2007-08 (Assessment Year 2008-09) and enabling the assessee to receive the UTN for TDS and TCS transactions in the Financial Year 2008-09 (relevant for Assessment Year 2009-10), the following procedure will be followed: -

(a) National Securities Depository Limited (NSDL) shall assign an UTN for every TDS and TCS transaction record in Financial Year 2007-08 and 2008-09 reported in the quarterly returns received by it.

(b) NSDL will create a facility to e-mail the UTN file to the deductor if the e-mail address of the deductor is available with them. In addition, they will also create a facility for the deductor to download the UTN file.

(c) Upon receipt of the UTN, the deductor will inform the UTN to the deductee. In cases where the UTNs are available to the deductor before the issue of the TDS/TCS certificate to the deductee, the deductor will indicate the UTNs on the certificate. However, if the UTNs are not available to the deductor before the issue of TDS/TCS certificate, the deductor shall, subsequently, send a consolidated statement of all TDS/TCS transactions indicating the UTNs.

(d) NSDL will also create a facility to allow independent viewing of the UTNs by the deductee. As a result, even if the UTNs are not received by the deductee from the deductor, they can be directly obtained from the NSDL database and quoted while making claims of TDS and TCS in the return of income.

14. In the past, instances have come to the notice of the Board that in spite of specific directions contained in the Instructions for filling the return forms, the practice of accepting returns, along with annexures is still continuing. Tax-payers have in the past also complained that staff and officials in certain stations are refusing to accept returns which are not accompanied with annexures. These practices are against the expressed policy of the Government and are not in consonance with the legal provisions. Therefore, it is emphasized that Chief Commissioners of Income Tax must ensure strict compliance with the provisions of law. It may be reiterated that all annexures accompanying the income tax return forms should be detached and returned to the tax payers by the receiving official.

15. The contents of this circular are for strict compliance by all officers and staff of the Income Tax Department. Any violation by the officers and staff of Income Tax Department will be seriously viewed.

Income Tax slab For The Assessment year 2009-10

Income Slab	Tax Rate
Up to Rs.1,50,000 (Male) / Up to Rs 1,80, 000 (Female) / Up to 2,25, 000 (for resident individual of 65 years or above)	NIL
Rs. 1,50,001 to Rs. 3,00, 000 (Male)/ Rs 1,80,001 to Rs 3,00, 000 (Female)	10%
Rs. 3,00,001 to Rs. 5,00, 000	20%
Rs. 5,00,001 and above	30% *

* A surcharge of 10 per cent of the total tax liability is applicable where the total income exceeds Rs 10,00,000.

• Education cess is applicable @ 3 per cent on
  income tax, inclusive of surcharge if there is any..
• Agricultural
  income is exempt from income-tax.

You can compute income tax from here

Troubleshooting: How to eliminate spyware or adware from your computer

Posted by Rakesh under Technology, Uncategorized

If your computer are infected by spyware/ adware, it could be causing your computer to run slower or redirection to other site (i.e. when clicked on links, redirects to other sites, not which you are looking for). This kind of problem indicates that your computers are infected by the spyware or adware.

This article explains how to reslove the problem (i.e. troubleshooting for infected computers).

Procedures: How to eliminate spyware or adware from your computer

Please follow the steps below in order to eliminate the infection and clean up your computer:

1. Download the “HijackThis” Installer from this link and install it. Then, create a log file of possible malware with HijackThis so you can analyze the results.

2. Download the Pocket KillBox Pocket, Spybot – Search & Destroy ( free available ) and BlackLight Rootkit (detects objects that are hidden from users and security tools ). You will need them later to delete parasite-related files and folders.

You can grab Spybot Search and Destroy download from The home of Spybot-S&D! and Blacklight from here


Note: Unless you are an expert computer user, you may wish to create a log file of possible malware HijackThis finds and then analyze the entries by yourself ( if you're able to do so ) or report the information to a computer expert or a computer security support website for possible help.

Howto create a HiJackThis Log:

To create a log file, open HijackThis, and from the QuickStart window click “Do a system scan and save a logfile”. This will create a log file of POSSIBLE malware and save it as hijackthis.log in your HijackThis directory. You can then distribute ( do yourself ) this log file as needed to get assistance on what items you can keep and which items need to remove.

Here’s the brief steps to create HiJackThis Log:

- Download the “HijackThis” Installer from this link and install it. http://www.trendsecure.com/portal/en-US/_download/H JTInstall.exe

- Click on the “Do a system scan and save a log file” button. It will scan and then ask you to save the log.

- Click “Save log” to save the log file and then the log will open in Notepad.

- Click on “Edit > Select All” then click on “Edit > Copy” to copy the entire contents of the log.

HijackThis Log will look like as given below:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:05:45 AM, on 5/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 – BHO: AcroIEHlprObj Class – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {243B17DE-77C7-46BF-B94B-0B5F309A0E64} – C:\Program Files\Microsoft Money\System\mnyside.dll
O2 – BHO: NCO 2.0 IE BHO – {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} – C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 – BHO: Symantec Intrusion Prevention – {6D53EC84-6AAE-4787-AEEE-F4628F01010C} – C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 – BHO: SSVHelper Class – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} – c:\program files\google\googletoolbar2.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} – C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 – BHO: (no name) – {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} – (no file)
O3 – Toolbar: &Google – {2318C2B1-4965-11d4-9B18-009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: Show Norton Toolbar – {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} – C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 – HKLM\..\Run: [IMJPMIG8.1] “C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE” /Spoil /RemAdvDef /Migration32
O4 – HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 – HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 – HKLM\..\Run: [ATIPTA] “C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe”
O4 – HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 – HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 – HKLM\..\Run: [Palm MulitUser Config] C:\Program Files\Palm\Configtool.exe
O4 – HKLM\..\Run: [HP Component Manager] “C:\Program Files\HP\hpcoretech\hpcmpmgr.exe”
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32×86\3\hpztsb10.exe
O4 – HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 – HKLM\..\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 – HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”
O4 – HKLM\..\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
O4 – HKLM\..\Run: [osCheck] “C:\Program Files\Norton Internet Security\osCheck.exe”
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 – HKCU\..\Run: [MoneyAgent] “C:\Program Files\Microsoft Money\System\mnyexpr.exe”
O4 – HKCU\..\Run: [Uniblue RegistryBooster2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 – HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 – Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 – Startup: PowerReg SchedulerV2.exe
O4 – Global Startup: Exif Launcher.lnk = ?
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 – Extra button: MoneySide – {E023F504-0C5A-4750-A1E7-A9046DEA8A21} – C:\Program Files\Microsoft Money\System\mnyside.dll
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O15 – Trusted Zone: http://echo.bluehornet.com
O15 – Trusted Zone: http://*.insurancejournal.com
O16 – DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) – http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
O16 – DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1176551855953
O16 – DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) – https://webdl.symantec.com/activex/symdlmgr.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{2B29ABBE-57DF-474C-B737-FF08262B4EC3}: NameServer = 85.255.113.204,85.255.112.99
O17 – HKLM\System\CCS\Services\Tcpip\..\{39F59BEA-326A-47E2-A8C2-629EF367CBB7}: NameServer = 85.255.113.204,85.255.112.99
O17 – HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.204 85.255.112.99
O17 – HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.204 85.255.112.99
O17 – HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.204 85.255.112.99
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: Automatic LiveUpdate Scheduler – Symantec Corporation – C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 – Service: Symantec Settings Manager (ccSetMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 – Service: Symantec Lic NetConnect service (CLTNetCnService) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 – Service: COM Host (comHost) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 – Service: Google Updater Service (gusvc) – Google – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 – Service: hpqwmiex – Hewlett-Packard Development Company, L.P. – C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 – Service: LightScribeService Direct Disc Labeling Service (LightScribeService) – Hewlett-Packard Company – C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 – Service: LiveUpdate – Symantec Corporation – C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 – Service: LiveUpdate Notice – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 – Service: Symantec Core LC – Unknown owner – C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

–
End of file – 9092 bytes

3. Use HijackThis to fix suspect entries and check those which are suspected. After you check suspect items, close all browsers and windows except for HijackThis, then click the Fix Checked button. Reboot after fixing.

4. Clean all your Cookies, Recycle Bin and Temporary Internet Files.

5. Run the PANDA online virus scan (availabe at http://www.pandasoftware.com/products/activescan.htm)

- Once you are on the PANDASCAN site click the Scan your PC button – A new window will open…click the Check Now button – Enter your Country – Enter your State/Province – Enter your e-mail address and click send – Select either Home User or Company – Click the big Scan Now button – If it wants to install an ActiveX component allow it – It will start downloading the files it requires for the scan (Note: It may take a couple of minutes) – When download is complete, click on Local Disks to start the scan – When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.

Finally, restart your computer once more.

OR

Run EWIDO anti-spyware micro scanner ( available are http://www.ewido.net/en/onlinescan/ ).

For EWIDO:

- Before running the Ewido scan, please make sure your browser settings allow ActiveX controls. If your browser has ActiveX controls disabled, then

To enable ActiveX Controls, please follow below steps:

I. Click on Tools > Internet Options > Go to Security tab > Select Internet > Click on Custom Level

II. Enable below components related to ActiveX Controls:

a) Run ActiveX controls and plug-ins. b) Script ActiveX controls marked safe for scripting.

6. Once in Safe Mode, use Pocket KillBox that helps to delete those annoying files that will not let themselves be deleted, no matter what you do.

7. Now run Spybot program, it will detect and remove the spywares/adwares infection from your computer. Reboot your computer.

8. Then, run BlackLight Rootkit ( it detects objects that are hidden from users and security tools ) and it scans your computer for rootkits. I mean, BlackLight is a tool that detects files, folders and processes that are hidden from the user and other programs and is also able to remove hidden malware by renaming them.

BlackLight Rootkit log looks like as given below:

05/19/08 15:21:49 [Info]: BlackLight Engine 1.0.70 initialized 05/19/08 15:21:49 [Info]: OS: 5.1 build 2600 (Service Pack 2) 05/19/08 15:21:49 [Note]: 7019 4 05/19/08 15:21:49 [Note]: 7005 0 05/19/08 15:21:56 [Note]: 7006 0 05/19/08 15:21:56 [Note]: 7011 1776 05/19/08 15:21:56 [Note]: 7035 0 05/19/08 15:21:56 [Note]: 7026 0 05/19/08 15:21:57 [Note]: 7026 0 05/19/08 15:22:02 [Note]: FSRAW library version 1.7.1024
05/19/08 15:33:45 [Note]: 2000 1012

HELP: Downloading, Installing and HOW-TO: using the tools

Blacklight:

To download Blacklight, goto the link ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe and install it. It is a tool that detects files, folders and processes that are hidden from the user and other programs. BlackLight is also able to remove hidden malware by renaming them.

For BlackLight Help, please go to the following page:

http://www.f-secure.com/blacklight/blacklight_help.html

BlackLight creates a log file “fsbl-.log”. By default, the log file is in the same directory as the executable.

Pocket KillBox:

a) Download Pocket Killbox: http://www.downloads.subratam.org/KillBox.zip. Place it in a folder on your Desktop.

b) Extract Pocket KillBox from the zip file and double-click on Killbox.exe to run it.

c) In the main screen of Pocket KillBox, go to Tools in the top menu bar, and select: Delete Temp Files.

d) When done, and back at the main screen of KillBox, select the option: Delete on Reboot.

e) Then, in the Full Path of File to Delete box, copy and paste suspected entry, if any:

For example:

C:\WINDOWS\system32\csjrm.exe


- Press the button with a red circle and a white X (Delete File button) – Click YES at the Delete on Reboot confirmation prompt. – Click NO at the request to reboot ( if you don’t have any files to delete, click YES ).

f) Do the same for other file, and select No at the request to reboot!

g) On this last file, close KillBox and Notepad, and Reboot the computer!!

e) Run HijackThis and post a new log, also run Blacklight again and analyze the log from it.

Once you have done it and if you find there any WareOut infection, please follow instructions below to fix them.

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

FixWareout:

Please download FixWareout from one of these sites: http://downloads.subratam.org/Fixwareout.exe http://swandog46.geekstogo.com/Fixwareout.exe

Save it to your desktop and run it. Click Next, then Install, then make sure “Run fixit” is checked and click Finish. The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

When your system reboots, follow the prompts. Afterwards, HijackThis will launch. If it does, you have nothing to do. Just close the application.

Delete all you cookies, Tools/Internet Options delete cookies.

* Restart your computer in Safe Mode, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when you see the Boot Menu.

* When the Windows Advanced Options menu appears, select an option, and then press ENTER.

* When the Boot menu appears again, and the words “Safe Mode” appear in blue at the bottom, select the installation that you want to start, and then press ENTER.

Then run EWIDO. Anything left?

Reboot normally.

Enjoy virus free Internet surfing..

Abridged story >>