Iexploreu Virus

March 31, 2004

The Iexploreu virus has been discovered at Virginia Tech. Iexlporeu.exe is an executable that resides in the system32 directory and will shutdown Symantec AntiVirus and disable regedit.exe (The windows registry editor) about 10 seconds after execution. This will leave any infected computer without any anti-virus protection and susceptible to other virus infections.

Note: At this time, Symantec AntiVirus does not detect this as a threat.


  1. Boot into safe mode.
  2. Click on ‘Start’ then ‘Run’.
  3. Type in ‘regedit’ and then click ‘OK’.
  4. Navigate to the key below


  5. Find the iexploreu.exe key and delete it.
  6. Close the registry editor.
  7. Click 'Start'.
  8. Select ‘Search’.
  9. Search for iexploreu.exe and delete the file.

After following these steps you should be able to run Symantec Antivirus and regedit.exe without and problems.