This is probably old news to a lot of you by now but I found it in one of the newsletters I subscribe to. The article describes how to completely disable autorun.inf on any media from automatically executing. Yes, there are times that itr will still execute, even if you think you’ve turned it off. The above-linked article is derived from this weblog entry, which describes the attack and how to disable it. It all comes down to creating a new entry in your registry (you should already know how to do this) by putting the following into a text file and importing it into REGEDIT (note that everything between the “[” and the “]” should be on one line):
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"