I don't know who your ISP is or their level of knowledge, but it is quite possible for email to appear to be coming from an uninfected source. Many viri work that way. All that's needed is for your address to be in someone else's address book (.wab), which the virus then 'harvests'. Ever wonder where those people trying to sell '1 million email addresses' get them ?

Sending an email masquerading as someone else is simple, but shouldn't fool a good sysadmin. It will fool most automated mail monitors, so if you've been hijacked one of the first signs is a bunch of 'undelivered mail' responses from domains you've never heard of.