
Virus E-mails returned to me but not se


Original Message
Name: Phil
Date: August 13, 2002 at 02:53:38 Pacific
Subject: Virus E-mails returned to me but not se
Comment:

A few days ago I started receiving lots and lots of returned virus e-mails (I am supposed to have sent) from people and companies I have never heard of. Outlook Express shows no record of having sent these. I have scanned my system with Nortons 2002 & Bullguard and found nothing.
These e-mails may in fact be emanating from my machine because I check the times they are sent and it always is when I am online, usually downloading from Kazaa (I know.. I know, Kazaa is evil...but it is a necessary evil). Anyway, after reformatting all was well for one day, then the problem recurs!
Please GURU people help me!




Response Number 1
Name: mrwizard_sym
Date: August 13, 2002 at 05:30:10 Pacific
Reply:

Email spoofing
This worm often uses a technique known as "spoofing." When it performs its email routine, it can use a randomly chosen address that it finds on an infected computer as the "From:" address. Numerous cases have been reported in which users of uninfected computers received complaints that they sent an infected message to someone else.

For example, Linda Anderson is using a computer that is infected with W32.Klez.H@mm. Linda is not using an antivirus program or does not have current virus definitions. When W32.Klez.H@mm performs its emailing routine, it finds the email address of Harold Logan. It inserts Harold's email address into the "From:" portion of an infected message that it then sends to Janet Bishop. Janet then contacts Harold and complains that he sent her an infected message, but when Harold scans his computer, Norton AntiVirus does not find anything--as would be expected--because his computer is not infected.

If you are using a current version of Norton AntiVirus and have the most recent virus definitions, and a full system scan with Norton AntiVirus set to scan all files does not find anything, you can be confident that your computer is not infected with this worm.

There have been several reports that, in some cases, if you receive a message that the virus has sent using its own SMTP engine, the message appears to be a "postmaster bounce message" from your own domain. For example, if your email address is jsmith@anyplace.com, you could receive a message that appears to be from postmaster@anyplace.com, indicating that you attempted to send email and the attempt failed. If this is the false message that is sent by the virus, the attachment includes the virus itself. Of course, such attachments should not be opened.

The message may be disguised as an immunity tool. One version of this false message is as follows:

Klez.E is the most common world-wide spreading worm. It's very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it.We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once,and then Klez will never come into your PC.

NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select 'continue'. If you have any question,please mail to me.



Response Number 2
Name: Jim Beau
Date: August 13, 2002 at 13:50:55 Pacific
Reply:

For what it's worth, I deleted an e-mail that says it was sent by me and returned. This is impossible since I haven't sent any e-mails the size listed (over 120kb). What's in the numerous big e-mails? I'll probably never know because I refuse to open any e-mail from someone that I don't know. And I scan frequently with my anti-virus and spybot. I am clean at least! Good Luck, JB



Response Number 3
Name: Phil
Date: August 13, 2002 at 15:10:26 Pacific
Reply:

Thanks, Mr Wizard, for your help. I suspected as much, though I am still uncertain why it appears these e-mails only get sent when "I" am online. Coincidence?



Response Number 4
Name: hmm
Date: August 14, 2002 at 11:38:19 Pacific
Reply:

Programs don't need to use your default mail program to send an e-mail (thus Outlook can't put it in the sent folder). Basically, if a program can access a server at the SMTP port, it can e-mail anyone. I can use telnet and send a fake mail in 2 minutes...to anyone, saying it's from anyone. Thus a program you're running (virus/trojan) has detected the internet connection, and thus is sending mail.

Also check http://www.computing.net/security/wwwboard/forum/1766.html

But it sounds to me that you've been infected (if it does correlate with your online time). If you have Linux or a Unix account, try opening the e-mail and reading its header...if you really sent it, then you should be able to trace it back to your computer as the original sender. Post a copy of the email header if you're not sure how to read it, and we'll tell you what it means. Just be sure not to open the attachment on your computer.


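The header check suggested in Response 4, as an added example that is not part of the original thread: it reads the `Received:` lines of a returned message oldest-first and compares the connecting IP recorded by the first receiving server with addresses you have held. The sample headers, host names, IDs and IP addresses are constructed for illustration.

```python
import re
from email import message_from_string
from ipaddress import ip_address

# Constructed sample: headers of a returned message of the kind described
# in the thread. All names and addresses are invented (documentation ranges).
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.25])
\tby mail.recipient.example with ESMTP id CONSTRUCTED2;
\tTue, 13 Aug 2002 02:41:09 -0700
Received: from Lqkz (dialup-77.isp.example [203.0.113.77])
\tby mx.recipient.example with SMTP id CONSTRUCTED1;
\tTue, 13 Aug 2002 02:41:07 -0700
From: phil@anyplace.example
To: janet@recipient.example
Subject: A very funny website
"""

# "from <helo> (<rdns> [<ip>])": the HELO name is chosen by the client and
# proves nothing; the bracketed IP is what the receiving server observed.
HOP = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9a-fA-F.:]+)\]\)")

def hops(raw):
    """Return Received hops oldest-first as (helo, ip) tuples."""
    msg = message_from_string(raw)
    found = []
    # Each server prepends its line, so the last header is the first hop.
    for value in reversed(msg.get_all("Received", [])):
        m = HOP.search(" ".join(value.split()))  # unfold continuation lines
        if m:
            found.append((m.group(1), ip_address(m.group(3))))
    return found

def submitted_by(raw, my_ips):
    """Compare the oldest recorded hop with IPs you held at that time."""
    path = hops(raw)
    if not path:
        return "no usable Received lines"
    helo, ip = path[0]
    # The "From:" header is ignored on purpose: the sender sets it freely.
    mine = {ip_address(a) for a in my_ips}
    return "my connection" if ip in mine else f"another host: {ip} (HELO {helo})"

if __name__ == "__main__":
    print(submitted_by(SAMPLE, ["192.0.2.10"]))
```

Only `Received:` lines written by servers the sender does not control are reliable, so a line below the recipient's own mail server may itself be forged. On a dial-up or other dynamic connection, compare against the address you held at the timestamp in that line, not your current one.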

Response Number 5
Name: Phil
Date: August 15, 2002 at 02:03:05 Pacific
Reply:

Thanks, people, for your suggestions. Hmm, what do you make of the fact that I have scanned and scanned, found nothing, then even reformatted, still to have the problem? This is the part that frustrates me the most.

