I have a client who was having problems with one of his computers. Every time it booted, an IE window would open and try and bring up a (www.e-ren.net). When I went to change the IE properties, many of the options were greyed out and inaccessable. OK, time to edit the registry. Uh-oh, when I attempt to run regedit.exe, it tells me that the administrator hasn't given me that priveledge. Huh?

Most likely that is ActiveX. I can't imagine any other way for all those changes to take place with no prompting.You really should set ActiveX to prompt or disable, especially for shady sites like that one and most certainly if you're heading for the seamier side of the web. Javascripting too for that matter.

Regedit can probably be brought back with an XSetup plugin. http://www.xteq.com Install that and open it in the defaut UI. Navigate to System > Security > Common and there is a plugin to disable regedit/regedit32. Leave that box unchecked and click the apply button. If that doesn't do it, I don't know what to say. Perhaps you could try Reghance from Lavasoft. http://www.lavasoftusa.com/downloads.html Run a search on both machines for any files that contain that in it's text. Especially dll files as they're often used to hide registry hacks. IF you find something, could you send it to me?

That 2K machine won't have msconfig, so go here ( http://www.mlin.net/StartupCPL.shtml ) and install this. It works on 9x/2K. Not sure of XP. See if there are any rundll entries or regedit -s entries, or anything suspicious looking. If all that fails, try disabling things one at the time to see if that popup goes away. Also look at win.ini and see if run= or load= has a suspicious entry. Good luck, Mike Healan (Dingo) http://www.spywareinfoforum.info