If you're going to disable it is there a reason it needs to be done at login? Just curious.
You should be able to set up a policy task to run at next login.
No it dosnt have to be at login..
JMO, but I would use a custom vulnerability to do this, as it is pretty much set it and forget it. The key is HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services and you will find the name of this service. Note the Start key, set it to 4 for disabled. So you would stop the service and then set it to 4. Here is a page that describes all the service settings. http://windowsitpro.com/article/articleid/71649/jsi-tip-0324---registry-entries-for-services.html
Link to create a custom vuln http://community.landesk.com/support/docs/DOC-5960
Setting the same registry key as ZMan described is exactly what I was going to recommend. I think that is the easiest way to accomplish the task, and doing through a custom vulnerability will ensure that it remains set.
No wonder that guys got "Master" status. [-8
LOL Master = Too much time on my hands....
Another possibility is to use the SC command (Windows XP/2K3/...)...
Stop the service and set it to disabled:
sc stop ServiceName
sc config ServiceName start=disabled