@teamaamaster,
Well there are several measures you can take, educating the users to somewhat safe(r)Hex is one,
because it all starts with P.E.B.A.C. (Problem Exists Between Keyboard And Chair), aka
users causing malcode infections....
Use an av solution for peripherals - MxOne:
http://www.mxone.net/en/this is an av protection for removable storage devices, a main source of infection...
Then in an attempt to suggest something to you, here is a test that was conducted last year with help from Wilders members using different products. The test uses a web-based remote code execution exploit, but the principle applies to anything that triggers an executable to run, including autorun.inf. »www.urs2.net/rsj/computing/tests/remote
polonus