Successful receipt of E-Returns acknowledgement

I guess this year the Indian Income Tax Department has done an excellent job of managing the E-Returns. For those who still don't have trust on E-Returns, this year would set a benchmark for them. After successfully submitting the E-Returns, I was little bit worried whether I would truly receive an acknowledgment as the ITR-V form was sent through ordinary post to CPC Bangalore. Surprisingly I have received the acknowledgments of both the E-Returns (mine & my Dad's) that I had filed this year within a month of posting the ITR-V form to CPC Banagalore. Please find a copy of it shown below.

3 cheers to IT dept. - Hip, Hip, Hurray !!!

Recovering from HERSS.EXE / PH.EXE Trojan attack

I visited my friends place yesterday to copy some movies onto my Portable HDD. I found that he had McAfee Antivirus installed & so went ahead & plugged in my Portable HDD. Suddenly I realised that I did not check whether his Antivirus definitions were up to date & also found out that they were outdated.

I thus installed Avast's Free Antivirus for Home Users. Within minutes it detected a suspicious file ph.exe in the Operating Systems memory & suggested to do a Boot Scan for the OS. Surprisingly the Boot Scan did not trace any sort of infection. It still felt there was something suspicious as the PC would not allow me to update my Avast's Virus definitions.

I then returned home & plugged the Portable HDD to my Laptop. It immediately showed me options to "Run program", "Open Files", etc. Though I skipped this screen, I accidentally double clicked the HDD Drive Letter which triggered the Trojan (which I realized later). I did not know what Trojan or Virus I had been infected with, but definitely I knew that there was a suspicious file PH.EXE which was behind this entire problem. I searched through the net & ran the FixAprop.exe from Symantec's site which was supposed to fix the PH.EXE infection. I also found out that I could not enable the option of "Show hidden Files and Folders" in Windows Explorer. I thus started accessing the C Drive of my Laptop through the administrative share of C$ through my Home PC. Through my Home PC I could find out that every time I deleted ph.exe from my Laptop, the file would get recreated within seconds. After lots of research & tweaking I found out the following -
  1. The entire Trojan kit consisted of 3 files - autorun.inf, ph.exe & herss.exe.
  2. The infection spreads through USB drives. As soon as somebody inserts a USB drive to an infected PC the Trojan copies ph.exe & autorun.inf (pointing to ph.exe) onto the root directory USB drive.
  3. The infection spreads from the USB drive to another PC when the user plugs in the USB drive & selects "Run program from disk" or double clicks the USB drive letter thus triggering the ph.exe through autorun.inf.
  4. If you feel your USB drive is infected with this Trojan don't panic. Plug it peacefully onto another PC, go to Windows Explorer, right click (not double click) on the USB drive letter & click "Explore". Now enable "Show Hidden Files and Folders" & delete the files ph.exe & autorun.inf from the root directory of the USB drive.
  5. If you feel that your PC has been infected, execute msconfig from Start -> Run, go to Startup tab & look for a startup entry pointing to "C:\Documents and Settings\\Local Settings\Temp\herss.exe". Once the entry is found, uncheck it, save changes & reboot the PC. The Trojan is now unloaded from your OS memory.
  6. Now remove the final traces of the Trojan by manually deleting ph.exe, autorun.inf & herss.exe from the mentioned directories.
  7. If you are unable to enable "Show Hidden Files and Folders", enable it by following one of the methods listed at Technize website. I used Method 3 & it worked fine for me.
  8. Check that your Antivirus software is up to date.
It is my earnest request to all readers to be little bit careful with Virus & Trojans in today's world of Piracy, Information theft, etc. Please don't be ignorant & have a casual approach towards keeping your data safe & secure. Keep a constant vigil on any suspicious activities on your PC. If you are not knowledgeable enough, ask someone rather than ignoring things. Have FREE Antivirus & Firewall applications like Avast & ZoneAlarm installed on your home PC's. Remember, in today's connected world Internet is the main medium through which infections are spread. Keep your computer safe from prying eyes. Even if you are associted with IT, enroll yourself for a basic Computer course & learn some important things.

I hope this post would be of some help to infected users. Do write to me on any Data Security or Data Protection questions that might arise in your mind.

Remember - Prevention is better than cure

Happy Computing!!!

I FIND THIS POST TO BE QUITE POPULAR. PLEASE CLICK ON THE ADS ON MY BLOG IF YOU BENEFIT OUT OF THIS POST.

Convincing MTNL staff - Next to impossible !!!

A company with whose services I was very satisfied till date, has started disappointing me with regards to ADSL Broadband services. This is wrt the recent interaction with their staff for change in my ADSL Broadband plan. Till the month of Aug'09 I was using the DSL-256 Unlimited Broadband Plan (MTNL Mumbai), which offered unlimited downloads but with a lesser speed. Due to the slow speed I planned to change it to DSL-749 Plan which offered downloads upto 5 GB but at the speed of 2 Mbps. For plan change I followed the regular procedure of calling up the Call Centre on 1500 before 31st Aug.

On 1st Sep I called the Call Centre again & confirmed that my plan had been changed. But I still found out from the ADSL Modem Web console that my speed remained at 512 Kbps (256 Kbps which was upgraded to 512 Kbps post 15th Aug to to upgradation of DSL unlimited Plan). I remained quite for a couple of days, as I knew that MTNL sometimes upgrades the speed after 2-3 days. On 3rd Sep I still found that I was running Internet at 512 Kbps. Now started the real drama. Everytime I would call up the Call Centre I would get the same reply that all ADSL plans give you speed ranging from 256 Kbps upto a maximum of 2 Mbps & that means there is no guarantee that every time you receive 2 Mbps speed. I failed to convince them that the 2 Mbps plans give a guarantee of 2 Mbps speed at least up to the ISP node & that the ADSL connection speed can be found out from the speed at which the ADSL Modem syncs, which is shown in the ADSL status in the ADSL Modem Web console.

Out of sheer frustration I visited the QCS at MTNL Charkop exchange & explained the situation to a concerned officer Mr.Pal. He then redirected me to another officer Mr.Tripathi (famous at Charkop exchange), but both failed to understand my real problem & kept reiterating the same thing which the Call Centre executives were saying. I then had to literally draw a diagram for a local lineman sitting next to Mr.Tripathi explaining how the speed settings are supposed to be changed through jumpers from their Mux room. I also explained to them how Internet works & lot other technical stuff. Atlast I was given the contact details of Mr.Ramnath from the Exchange. Mr.Ramnath was supposedly the concerned person handling Mux for ADSL connections. He was not bothered about the speed at which my Modem synced & kept telling me to check the speed of my connection through MTNL Speed Test Website . Something suddenly struck him & then he spoke with a lady over the phone regarding my problem. Though he had covered the mouthpiece, I could feebly hear the conversation & understood that it was a mistake from their side. He then said within 10 mins your problem would be resolved. When I asked him that wasn't it the problem at your end which caused unnecessary harassment for me, he categorically denied & said that don't talk about all these things & that your problem shall be resolved.

In todays tech-savvy world if this is the technical competence of MTNL stuff, the days are not far away when customers would start opting out of Government owned Service Providers out of sheer frustration. I am attaching the screenshots of the ADSL Modem Web console which shows the speed change after necessary changes were done on the Exchange.

Old Speed -



New Speed -



I hope this post would help few people in justifying their cases in case of speed issues :-)