backup os? as in a mirror? or is it a different OS entirely?
Primary E:? Ummmm... okay. That's definitely non-standard. I honestly have to say that I don't know. It think it would depend on whether C:\ is formatted as windows readable. i.e. fat, fat32,ntfs. if windows can't read the drive then it would be on the same drive that windows is installed to.
The easiest way to find out is to navigate your start>run menu and right-click on Internet explorer, then select properties and see where it links to. It should be X:\Program Files\Internet Explorer\iexplore.exe where x is either c or e. You may have to fish through both OS installs to make sure they are both clean if you have a double-install or mirror of windows.
I will place bets that the fake iexplore process that is invoking the virus is in the \windows or \windows\system directory, or some completely unrelated directory. Like I said, Iexplore.exe should NEVER be invoked from the "run" keys in the registry. There's absolutely no reason to, short of having internet explorer automatically come up on system start, which except for demo computers isn't very practical. From what I read on the inernanet, yours is a virus that is generally included as part of a mal-ware package. Somewhere you accidentally or in the background installed a piece of software that had it in it.
I would suggest installing a anti-spyware package like
Ad-Aware or a similar program. The personal version of adaware is free but doesn't have real-time scanning. In other words, you have to start the scan manually. My zonealarm firewall's spyware scanner caught my trojan, but I'm coming to find that the firewall itself is not as strong as it could be, based on comments on the net.