This weekend my laptop was stolen from my hotel room while I was on vacation.

It wasn’t an expensive laptop… I travel with a cheap little Acer Netbook … but it was still alarming.

However, I did learn a few things from the experience.

First, if you’re keeping your laptop in your hotel room, keep the cables in the car. Your laptop is less likely to be taken if there are no cables to charge it, since it’s worth less at a pawn shop. Go figger.

Second, it is a very good thing to use Gmail or a web-based service for your email, especially when you travel. If I been using Outlook or Thunderbird, not only would the thieves been able to go back and read my email from the past, which would have included online transactions that included my address and other details, but I would have not had access to the emails saved on that hard drive any longer.

Since I have been using Gmail to access all my mail, all I had to do was change my Gmail password to keep others out, and ensure I still had access to everything. Much less panic that way.

Finally, on a computer you only use for traveling, keep the minimum or no saved FTP passwords in your FTP client. If you explicitly limit your FTP saved logins to those you’ll need on your trip, you won’t have to change every single FTP password you’ve ever used if your laptop is stolen.

Finally, never count on your stuff being safe. This apparently was the first theft in eight years at this particular establishment, which seemed quite secure, but a determined thief, or one in desperate need of some cash for a fix, will find a way to get in just about anywhere.

I found an old primer in a bookstore, and among its selected readings was “Advice to a Young Tradesman” by Benjamin Franklin. Here are a few excerpts.

Remember that time is money. He who can earn ten shillings a day by his labor, and goes abroad or sits idle one half of that day, though he spend but six-pence during his diversion or idleness, ought not to reckon that the only expense; he has really spent, or thrown away, five shillings besides.
…
Remember that money is of a prolific, generating nature. Money can beget money, and its offspring can beget more, and so on. Five shillings is turned six; turned again, it is seven and three pence; and so on till it becomes a hundred pounds. The more there is of it, the more it produces every turning, so that the profits rise quicker and quicker.
—
If you take the pains at first to mention particulars, it will have this good effect; you will discover how wonderfully small, trifling expenses mount up to large sums, and will discern what might have been, and may, for the future, be saved without occasioning any great inconvenience.
—
In short, the way to wealth, if you desire it, is as plain as the way to market. It depends chiefly on two words, industry and frugality; that is, waste neither time nor money but make the best use of both. Without industry and frugality, nothing will do, and with them, everything will do.

Today I discovered a strange behavior on my WinXP box. No websites would appear in Google Chrome. Internet Explorer would spontaneously open to serve ads, and occasionally popups would appear in Firefox too.

I ran a virus scan, and Zone Alarm pinpointed a .dll file in windows/system32 as the culprit. I quarantined it, and thought I was done with the problem.

Not so! It seems that whenever I rebooted the machine, the malicious file would return, only with a different name.

So, I checked all the usual places…

I ran regedit and found a registry entry in HKLM\Software\Microsoft\Windows\CurrentVersion\Run that was using RunDLL32.exe to run a dll called wumomara.dll and another that was identical running nusoyeta.dll.

I’m guessing these are random names generated by whatever trojan started the whole thing in the first place. They’re both 8 characters long with alternating consonants and vowels.

I deleted both, then did a search for wumomara in the registry, and noticed that it had reappeared as quickly as I had deleted it.

Crap.

I downloaded Mike Lin’s Startup Control Panel, and tried to delete it from there. Still no luck. As soon as I disabled one, an identical entry would appear.

I tried the same things after rebooting in Safe Mode. Still no luck.

I went to c:\windows\system32 and looked for the DLLs. They were hidden. So, I changed settings and permissions on the whole dang folder until I could see them.

Tried to delete them. Permission denied.

Tried to rename them. Permission denied.

Finally had some success when I tried to move them. CTRL-X from the system32 directory and CTRL-V on the desktop.

Yay!

Then I created new text files called nusoyeta.dll and wumomara.dll in system32 and made them readonly.

Upon rebooting, I got bombarded with errors that wumomara was not a valid file. Not a problem, everything started up.

Then I went back to regedit, and did another search for wumomara.

This time, I found it all over the registry and I started removing entries.

This time, when I deleted the entry from HKLM\Software\Microsoft\Windows\CurrentVersion\Run it stayed gone.

YAY!

Rebooting one more time showed that the errors were all gone.

Then, since somewhere along the line my firewall got buggy, I reinstalled ZoneAlarm, and ran a full “deep” scan. It found one remaining file… guhapiba.dll.vzr… which it was able to quarantine.

Chrome once again shows websites as it ought. No more unwanted popups are appearing, and my computer seems just a little faster.

I decided, after downloading and fiddling with Google’s new browser this evening, that a pretty good test of its mettle would be to do some Entrecard dropping with it.

First, I should note that every site I went to rendered just fine. I’m sure that makes all the web designers in the world heave a big sigh of relief. The last thing anyone needed was another set of odd CSS hacks they needed to incorporate into their designs.

It was also fast. Although there’s no Linky-like feature in Chrome, and I had to individually middle-click each link to load it in a new tab, there was absolutely no delay or stuttering while I did so. All the new tabs loaded happily on the screen. Unlike Firefox, which has scrolling arrows when you get too many tabs, Chrome just makes the tabs smaller, so when you’ve got lots loaded, it looks like a goofy looking mountain range at the top of the screen.

The biggest thing I noticed was that, even while the last sites were still loading, there was no delay when clicking the widget. You clicked the word Drop, and the next instant the Thanks, or Awesome was there.

Just to make sure this wasn’t just caused by a superfast Entrecard server tonight, I dropped my last 50 cards in Firefox. There’s a 6-8 second period where the yellow bar goes black in Firefox when some of the tabs have not finished loading.

The other thing I noticed is that when a script on someone’s site causes major malfunctions, Firefox closes completely, while Chrome just crashes the tab and keeps everything else running normally.

Actually, it doesn’t crash the tab, it just makes it unhappy. You gotta love those Google guys. Even a crashed web page becomes cute.

Finally, the extra screen space with Chrome might have also sped up the process, since I could see more of the widgets above the fold.

Overall, I really like Chrome. I am just hoping to see lots of cool add-ons like Firefox has.

I’m giving away 100 Entrecard Credits to the first 50 EC users who send me a secret code….

All you have to do is click this link to subscribe to my Google Links, then do a Google.com search for
Hello Mindsurfer to see the code and instructions.