Does anyone know how this worm actually gets into a network in the first place? All Symantec (and any other google hits) has to say is how it spreads once it's in the network.

It showed up on 2 machines last Thursday in the form of sysldr.32.exe. One of the machines had registry entries while the other didn't. Both were easily cleaned. The next day it showed up on the machine that didn't have registry entries again. This time in the form of ctkayv.exe, which doesn't get any hits in google.
Once again it didn't make it to the registry.

I upgraded the firewall to NIS and haven't had a problem since.

BTW, one machine never recieves any email and the other hadn't gotten any in over 3 weeks.