Hi again,
I've done a bit of searching, but couldn't find what I was looking for.
So here goes my question:

If a box becomes infected with a worm or trojan that carries a SMPT engine as a payload,
does it leave evidence of the e-mails it has sent, akin to a log as in the "SENT ITEMS" folder
of popular e-mail programs? If it is harvesting addresses from the 'official' e-mail program, is
it not using some of its functionality, or does the SMPT engine (the bad one) just run in the background? Could somebody be so kind and enlighten me on this process. I would have thought that if the SMPT engine spews out a bunch of e-mails, my 'Sent Items' folder would be overflowing, and if not, why?
Just would like to get to the bottom of this. I think that the address book is a seperate entity, but am lacking some insight on this subject.

Thanks

g8way2u