Well.....why does that so called user have those kind of prilledges on the network\server...to be able to run an exe on a server...I disagree with this assumption. It could have been introduced from a user clicking an email somewhere else on the network and then wormed it's way onto the server through an exploit. Ever hear of Code Red?
I am sorry.....can you explain???
I have seen worms infect open shares...because the users have full control rights to them....
Users on networks should not have administrative access to a server....
MLF