I disagree with this assumption. It could have been introduced from a user clicking an email somewhere else on the network and then wormed it's way onto the server through an exploit. Ever hear of Code Red?
Well.....why does that so called user have those kind of prilledges on the network\server...to be able to run an exe on a server...

I am sorry.....can you explain???

I have seen worms infect open shares...because the users have full control rights to them....

Users on networks should not have administrative access to a server....

MLF