The Microsoft Windows Operating Systems use the AUTORUN.INF file from removable drives in order to know which actions to perform when a new external storage device, such as a USB drive or CD/DVD, is inserted into the PC. The AUTORUN.INF file is a configuration file that is normally located in the root directory of removable media and contains, among other things, a reference to the icon that will be shown associated to the removable drive or volume, a description of its content and also the possibility to define a program which should be executed automatically when the unit is mounted.

The problem is that this feature, widely criticized by the security community, is used by malware in order to spread by infecting as soon as a new drive is inserted in a computer. The malware achieves this by copying a malicious executable in the drive and modifying the AUTORUN.INF file so that Windows opens the malicious file silently as soon as the drive is mounted. The most recent examples of this are the W32/Sality, W32/Virutas and also the W32/Conficker worm which, in addition to spreading via vulnerability and network shares, also spreads via USB drives.

Due to the large amount of malware-related problems associated with Microsoft AutoRun PANDA have created a free utility for the user community called Panda USB Vaccine.

Computer Vaccination

The free Panda USB Vaccine allows users to vaccinate their PCs in order to disable AutoRun completely so that no program from any USB/CD/DVD drive (regardless of whether they have been previously vaccinated or not) can auto-execute. This is a really helpful feature as there is no user friendly and easy way of completely disabling AutoRun on a Windows PC.

USB Vaccination

The free Panda USB Vaccine can be used on individual USB drives to disable its AUTORUN.INF file in order to prevent malware infections from spreading automatically. When applied on a USB drive, the vaccine permanently blocks an innocuous AUTORUN.INF file, preventing it from being read, created, deleted or modified.

Once applied it effectively disables Windows from automatically executing any malicious file that might be stored in that particular USB drive. The drive can otherwise be used normally and files (even malware) copied to/from it, but they will be prevented from opening automatically. Panda USB Vaccine currently only works on FAT & FAT32 USB drives. Also keep in mind that USB drives that have been vaccinated cannot be reversed except with a format.


Panda USB Vaccine is a 100% free utility. We’ve tested it under Windows 2000 SP4, Windows XP SP1-SP3,  and Windows Vista SP0 and SP1. Feedback is always welcomed. Click on the download button below to start downloading.

Command line Operation

For advanced users who wish to run Panda USB Vaccine automatically at boot to notify every time a new USB device is mounted on the system or to perform network-wide computer vaccinations via login scripts or other distribution methods, Panda USB Vaccine can be operated via command-line. Its input parameters are the following:

USBVaccine.exe [ A|B|C|Z ] [ +system|-system ] [ /resident [/hidetray] ]

[drive unit]:     Vaccinate drive unit
+system:      Computer vaccination
-system:        Remove computer vaccination
/resident:      Start program hidden and prompt for vaccinating every new drive
/hidetray:      Hides tray icon when used with the /resident command

To vaccinate USB drives F:\ and G:\, use: USBVaccine.exe F G

To vaccinate the computer, use: USBVaccine.exe +system

To vaccinate computer and prompt for vaccinating every new drive without showing a tray icon, use USBVaccine.exe /resident /hidetray +system

It could be very useful to create a Shortcut in the Startup folder to USBVaccine.exe with this last command line (or without the /hidetray) to make sure that every time you boot the computer USB Vaccine gets loaded by the system and it vaccinates the computer and prompts the user for vaccinating any new non-vaccinated USB drive. However if you do this under Vista, UAC will block it from running at Startup as it requires admin privileges. This will be fixed in future versions.


Como Inmunizar un USB drive para que no se infecte con “Auto-Runs”…!!!

A continuación les hablara de un truco que funciona muy bien para inmunizar tus USB drives- (Llaves Maya- o- Memorias), hemos comprobado su efectividad porque se probó en numerosas ocasiones en diferentes USBs. Después de correr pruebas en varias memorias de diferentes marcas ningún virus se les pudo meter para infectarlas, simplemente siga a continuación el siguiente procedimiento.

Ahora explicare como funciona:

La mayoría de los virus (si no es que todos) infectan la memoria con un documento llamado “autorun.inf” ya que con este documento de bloc de notas es con el que se inician y sin el estarían obsoletos y no servirían de nada este tipo de virus.


1.-Desinfecta tu memoria de cualquier virus y si tu PC también está infectada mejor vete a un ciberinternet (internet publico) donde no tengan virus.

2.-Después de desinfectarla, crea un nuevo documento del bloc de notas con cualquier cosa de contenido, eso no importa, después guárdalo con el nombre de “autorun.inf” y dale en aceptar.

Nota: Debe estar en la raíz del USB o mp3 (ósea que no lo metas en ninguna carpeta o NO tendrá efecto).

3.-Dale clic con el botón derecho del mouse en el documento que creamos y métete en propiedades, ahí activa la casilla de verificación que dice “solo lectura” y guárdalo otra vez.

4.-Si te salió bien aparecerá un icono de un bloc de notas con un engrane, puedes ocultarlo, pero no lo recomiendo ya que así será mas difícil encontrarlo.

5.-Listo!! Ahora cada vez que un virus quiera infectar tu memoria o USB solo aparecerá en la memoria pero sin funcionar ni ejecutarse ni infectarse ni ocultarse, y podremos borrarlo sin problemas, es como si un ladrón entrara a tu casa pero no se robara nada ni rompiese nada y además se quedara ahí para que lo entregáramos a la justicia…

Leer:   (Haz clic en G+1, Tweet me y comparte en FB)

Bajalo: (Español USB Antídoto)