We have earlier posted an article about how to automatically scan an inserted USB stick for viruses. That article makes use of the USBVirusScan tool from Didier Stevens. Pendrive Ninja Pendisk is another such utility which can be used to prevent infection from an inserted USB stick. Here is how :
You can download the Pendrive Ninja from http://www.ninjapendisk.com/. The download is available in form of an executable file Ninja.exe. The Ninja Pendisk does not come with an installer. Just download Ninja.exe and double-click on it to run it.
When you run the Ninja.exe, it puts an icon in the notification area (also called system tray) of Windows desktop. If you right click on this icon, you will see many options you can choose from.
You can disable Windows Autoplay feature by choosing Disable Autoplay from the right-click menu. You can choose to automatically disable the malware on the inserted USB stick by choosing Automatic Clean. You can set Ninja Pendisk to automatically run on Windows startup by choosing Add to startup. If you choose View Configuration, then a text file Ninja.txt would be opened showing you the configuration. It lists what Ninja Pendisk will do when you insert an USB stick.
When you insert an infected USB stick in your computer, Ninja Pendisk detects which actions to take. You are shown a small window with a counter of five seconds. If you do not hurry it first, it will continue and do its work after five seconds.
It renames an exisiting autorun.inf file and create a hidden folder named autorun.inf. It deletes Recyled folder on the USB stick if found. It also deletes a bunch on known malware files.
Although all of the antivirus products today have the ability to scan an inserted USB stick and stop autoun.inf from being executed, yet a utility like USB Ninja is very useful and should be used specially on older Windows XP systems.