'Jitensha' by Oreskaband

Bicycle, bicycle, bicycle... I reverse engineered this song from scratch, people. Though, it's probably tabbed out nicely somewhere -- I just always have to do things the hard way, don't I? I'm covering the full version here, but I heard it first (and fell in love) by way of Naruto Shippuden's latest credit's roll.

The lyrics are memorized phonetically and from katakana transcription. No, I don't speak Nippon-go.

O, ne? Hai! So desu!

[UPDATE: By request, I've tabbed out my method of playing this song and posted it here.]

This Day in 1981...

By "this day" I mean Sunday before last, and by the trailing ellipsis I mean to say that I was born. Whereas "this day," 2010, I went golfing con mi padre.

'Old Joe Something was a woodsman and he rowed his boat ashore.'

After nine holes and 48 strokes at White Lake Oaks I then proceeded immediately to Bay Court Park for 18 holes and strokes-unspecified of disc golf, yet still con mi padre.

"Everybody get down!"

As you can surely imagine, after twenty-seven holes and two golf-oriented sporting activities I really needed to eat some Mexican food. "To Mexico Lindo!" ...con mi padre y mi madre tambiƩn.

Now that I had the whole family assembled we retired to la casa for cake-by-Mom.

Just add homemade whipped cream.

And you were there, and you were there, and your little dog too.

Andy, the timid.

Let's open presents! I got a divot repair tool; A crazy prong-ended hand tool whats purpose only my dad knows -- and isn't telling; A deck of cards printed for the website Omega.com featuring - instead of naked ladies - ham radio equipment, capacitors, oscilloscopes, multimeters, and other obscure tech; a good hat; And... wait. What's this behind me here?

"A brand new car!"

No one mention the white Mongoose in the room.

I recover from the blind-side. Dad goes home. My mom and I have a beer and talk about the good-old days, or the lack thereof, or something. I don't recall.

Mi madre con su perro Andy.

Some days later my new license arrives to announce that in four short years I've gone from pudgy, rosy-cheeked stoner, to officer tight-ass, highway patrol.

Me thinks, for soothe, the truth lieth here betwixt.

'Virus Protector' Removal

I came across an infection going by the name of "Virus Protector" today. It had taken over the Windows XP shell via:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell

...replacing the value 'Explorer.exe' with its own executable (randomly generated filename) located under C:\Windows\system32\. It had also disabled the task manager via the registry at:


This combination left no entry point for online repair since even Safe Mode boots whatever shell the Winlogon refers it to.

I removed the hard drive and hooked it up to a diagnostic machine. I cleaned the temp files and ran a virus scan as a matter of course, but a certain methodology I used makes this article worth writing -- if only to me.

Guessing, at that time, that the Winlogon\shell value was the culprit I used LoadHive.exe to mount the software portion of the infected machine's registry located under C:\Windows\system32\config\.

Upon inspecting the Winlogon\shell value I found it redirected, (of course) but as I was accessing the registry offline now, correcting the corrupted key by editing the value at the registry wasn't the easiest solution. Instead, I made a copy of C:\Windows\explorer.exe, renamed it to match the name of the infection, and pasted it in place of the virus. This allowed me to boot the computer normally and continue the repair by unlocking the registry, which had also been disabled "by my Administrator." Thereafter I edited the Winlogon\shell's value back to its correct value of simply "Explorer.exe," thus defeating Virus Protector.

The End

P.S.: Pretty neat how you can close off a machine entirely just by hijacking the Winlogon\shell and disabling task manager, ain't it?

[ Update: Why didn't I just edit the Winlogon\shell value via Loadhive.exe, you ask? I have no good answer. I just got it in my head that Loadhive was a read-only tool. It's not. Changes made after a hive is loaded are written to the hive as they usually would be. So nevermind any of this, I guess. Just change the shell value when you're in regedit and be done with it. ]