W32/Dref-C is an internet worm for the Windows platform.
W32/Dref-C spreads via IRC channels and by attaching itself to outgoing emails.
When first run W32/Dref-C copies itself to <System>\SysDrefIWv2.exe and creates the following registry entries so as to run SysDrefIWv2.exe on startup:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
DrefIW
"<System>\SysDrefIWv2.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
DrefIW
"<System>\SysDrefIWv2.exe"
The worm may begin to delete all files on the system prior to sending any emails.