Aliases: Win32.Darro.1311, Virus.Win32.Arrow.a, W32/Darro, PE_ARROW
Variants: Win32/Darro.A!hlp

Classification: Malware
Category: Computer Virus

Status: Inactive
Spreading: Slow
Geographical info: Asia, North and South America, Europe and Australia
Removal: Easy
Platform: W32
Discovered: 14 Nov 2004
Damage: Low

Characteristics: W32.Darro is a virus that primarily infects the following files: .exe and .hlp. Its first appearance was on November 14, 2004 and mostly infects Windows system like the Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003 and Windows XP.

More details about W32.Davs

This virus performs two things after its execution. First, the virus searches for the targeted file. They can either be .exe and .hlp or both. The virus infects the specific viral codes of each file. Then, once the file is infected, either .exe or .hlp opens which allows the virus to check for a particular time condition so it will cause a short beep. Hence, the .exe and/or .hlp files are successfully infected by the virus. Computers or networks infected with the W32.Darro program may use up system resources and consume more bandwidth. This program may also be used to install other malware, which can further exploit the infected system.

A user may obtain the W32.Darro application manually by opening an infected e-mail attachment, clicking links on instant messages from users not in the address book, or sharing files over the internet. It can also propagate automatically by taking advantage of security leaks of different operating systems. It can attack unsecure network access points in applications or the operating system itself. The W32.Darro application can spread on its own. It can propagate automatically from computer to computer within networks.