Security Basics: admin privileges and trojans

["W W" <crackd () gmail com>]

I'm trying to put together some information for the higher ups to show
them the threat level by allowing users to have admin privileges on
their systems.  Would it be safe to say that a lot of trojans/viruses
could not be installed on a system where users did not have admin
privileges?  Are there any good studies or analysis out there?  I've
looked around a bit, and I have found some minor articles.  I wanted
to see what your thoughts were.

Thanks.
C