Re: SAM Broadcaster? And the moral is...
Sorry, but this is a competence fail rather than a Windows fail. Disabling autorun would partially mitigate the risks here, but you should have enabled the File-Based Write Filter, and allowed persistent writing only to folders where your embedded application needed to write it's data.
As is perfectly obvious to everyone who writes Windows software. Just as no one ever uses "it's" when they mean "its".
Why not tell us it's the OP's fault for dressing their application in such a provocative manner, while you're at it?
Security by perfect vigilance. Yeah, that'll fix things.