Because the virus/worm uses it's own SMTP engine it will
1. Completely depends upon the OS. In Windows, there will be no kept logs of usage since it is a seperate SMTP engine. However, if an email fails to send properly, chances are it will end up back in your inbox as "Message Undeliverable", but that hardly constitutes a logfile. On the other hand, within a *nix/*BSD distrobution, it would most certainly be logged. I'n nearly positive sendmail logs activity in and out as normal procedure, including seperate SMTP engines. On the other hand, getting a seperate SMTP worm engine to work on nix is near null since it does not have proper permissions or area control.
Why would it need root? It's outbound only so there's no need to open a port <1024 hence no need for root. As said above any user can telnet to port 25.
Correct, in order for an SMTP engine to have unlimited access it would need some way to run as root, especially if it is a secured and locked down box.