Web Hosting Talk







View Full Version : Virus?


iamdave
05-13-2002, 08:56 PM
I get this in an email from NAV for Microsoft Exchange-CDLAEX01 [NAVMSE-CDLAEX01@carsdirect.com]. The email it was sent to barely gets any email at all for me to think that I downloaded a virus from that email and the virus sent it to people. I also don't have any names in my address book. I don't know if I have a virus or not; what do you guys think?

*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-
Recipient of the infected attachment: Ogawa, Howard\Inbox
Subject of the message: Japanese lass' sexy pictures
One or more attachments were deleted
Attachment endspan.exe was Deleted for the following reasons:
Virus W32.Klez.H@mm was found.
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-

alpha
05-13-2002, 09:39 PM
Here's some info on it from Norton:

http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.gen@mm.html

and specifically .h variant:

http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h@mm.html

You should check their removal instructions to see if your computer shows any signs of infection (such as a weird file in your Windows directory, etc.).

also, I'd recommend updating your antivirus program, and scanning your whole computer.

g'luck

Chicken
05-13-2002, 09:53 PM
Originally posted by iamdave
I get this in an email from NAV for Microsoft Exchange-CDLAEX01 [NAVMSE-CDLAEX01@carsdirect.com]. The email it was sent to barely gets any email at all for me to think that I downloaded a virus from that email and the virus sent it to people. I also don't have any names in my address book. I don't know if I have a virus or not; what do you guys think?

Machines infected with Klez send out emails with the 'from field' pulled from the infected machine's address book. This means that your address could very well have been in the address book of that infected machine, and when it went out, it pulled your address.

Scan your machine, but if it comes up nego, this is what happened.

iamdave
05-13-2002, 10:04 PM
http://download.com.com/3000-2239-10104613.html?tag=lst-0-1
I found a removal utility here.
Thanks.

JayC
05-13-2002, 10:27 PM
Originally posted by Chicken

Machines infected with Klez send out emails with the 'from field' pulled from the infected machine's address book. This means that your address could very well have been in the address book of that infected machine, and when it went out, it pulled your address.

Actually, like with most current similar email worms, the address might not have been pulled from an address book; it also could have come from any HTML or text document on the originating PC -- including web pages in the cache. But Chicken's point is correct: that your email address was in the FROM: line doesn't mean that the message containing Klez came from you. It still might have, so it's worth checking your machine, but it could have come from any machine that contained a file with that address in it.
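Added example, not part of the original thread: since the From: line is chosen by the sender, the hop recorded by the receiving organisation's own mail servers is what identifies the submitting machine. The message, hostnames, addresses and trusted-server names below are constructed, and the regex assumes Postfix-style `Received:` lines (other MTAs format them differently).

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: From: names an uninvolved user, as a Klez-style mailer would.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
\tby mailstore.recipient.example with ESMTP id A1; Mon, 13 May 2002 20:50:03 -0700
Received: from infected-pc (dsl-203-0-113-77.isp.example [203.0.113.77])
\tby mx.recipient.example with SMTP id B2; Mon, 13 May 2002 20:50:01 -0700
From: dave@victim.example
To: howard@recipient.example
Subject: constructed sample

body
"""

# "from <HELO name> (<reverse DNS> [<IP>]) by <recording server>"
HOP = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def submitting_host(raw, trusted_mtas):
    """Find the host that handed the message to the servers in trusted_mtas.

    Received: headers are prepended, so the first one is the newest. Walk
    from newest to oldest and stop at the first hop that was not written by
    a server we control: anything older could have been forged by the sender.
    """
    msg = message_from_string(raw)
    helo = rdns = ip = None
    for hdr in msg.get_all("Received", []):
        m = HOP.search(hdr)
        if not m or m.group(4).lower() not in trusted_mtas:
            break
        helo, rdns, ip = m.group(1, 2, 3)
    return {
        "header_from": parseaddr(msg.get("From", ""))[1],  # sender-controlled
        "helo": helo,            # sender-controlled name given at connect time
        "rdns": rdns,            # looked up by the trusted server
        "connecting_ip": ip,     # observed by the trusted server
    }

if __name__ == "__main__":
    ours = {"mx.recipient.example", "mailstore.recipient.example"}
    print(submitting_host(SAMPLE, ours))
```

In the constructed message the From: address belongs to `victim.example`, while the connecting IP recorded by the recipient's own server belongs to an unrelated ISP host; that IP, not the From: line, is what to compare against your own machine's address.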