Recently a lot of AV software which offers e-mail scanning has taken to the bad habit of sending a warning to the person listed in the FROM field. It is a bad habit since most of the recent e-mail worms forge the FROM header to point to an innocent third party. So if you get one of these warnings there is a strong chance you are not infected. It is best, of course, to check your systems to ensure you're not infected.
If you do get one of these messages they will often list the code for the worm they have found. For example one big one right now is "Beagle.J@MM". Upon receiving a message like this the first step should be to take the name of the worm found and do a Google search on that string. This will bring up pages relating to that worm. A brief review of those pages will often tell whether or not the worm forges the FROM line. If it does, you're most likely not infected. If it doesn't, you most likely are.
If the message appears to originate or reference an ActionWeb server chances are almost certain that the server is not infected. This is for a very simple reason. 99.9999% of all worms and viruses are written for Windows. ActionWeb servers run Linux. The worms and viruses simply cannot run on the server. :)
