trojan sending emails thru thunderbird

  • 8 replies
  • 5 have this problem
  • 7 views
  • Last reply by rogergromit

I had a problem with my email server complaining that there were spam emails coming from my account. Two separate anti-virus scans did not find anything, and changing the password did not stop it. Then I looked at the add-ons and extensions to my TB and found an "extension" which appears to be a trojan that was not findable by AV scans. If you have this problem, be sure to look at your TB extensions. Mine must have come in with either an email or with a TB "update".

All Replies (8)

How would anyone else recognize it? What was it called?

Were these messages sent from your account actually in your Sent folder?

The major incentive for a trojan or whatever to target an email client is to raid your Address Book for valid and active email addresses. Sending spam etc via your account, and thereby leaving evidence in your Sent folder or in your email provider's server logs would be really daft. Spammers don't need access to your email client's sending capabilities.

The usual trick would be to install a covert smtp server on your own machine, which could send spam invisibly. This is the main reason many ISPs block port 25 as normally used by smtp.

All well and good, Zenos, but in fact there were spams being sent from my address, and there were no records in my sent file. I have no evidence that my address book was being used, but it's possible. As far as the name goes, it was gibberish, and the beast might have any name it chose, so I didn't copy it. Probably should have, before killing it.

What evidence has been provided to support this claim that spams were sent "from" your account?

I too receive messages which say I sent them, but inspection of the headers always reveals a source elsewhere in the world, and pretty much always in a remote country or continent.

It's comparatively trivial to insert a fake "from" address into email messages.

A spamming tool, trojan or what have you masquerading as an addon is new. If anyone sees this again, then it needs to be reported and forwarded to raise awareness and allow it to be studied.

Modified by Zenos

The evidence, Zenos, is from the records of my email server, who ends up blocking my account because of the 'spam' being sent under my name. Moreover, I got a blacklist on my IP address too, even after I changed that. That's more than a fake name spam. I've received messages like that too.

With nothing showing up in the sentmail box, I am wondering if it is possible for a trojan to simply report my email password (it must have somehow, since I changed it twice), so that a spammer could send from somewhere else and the spam would not show on my sentmail file.
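
The header inspection discussed in the replies above, as an added example that is not part of the thread: it walks the `Received` chain to tell a forged "From" apart from mail the provider accepted after a real login (`ESMTPA`/`ESMTPSA`), which is what a stolen password used from elsewhere would look like. The host names, addresses and both messages are constructed, and the Postfix-style `Received` layout is an assumption.

```python
import re
from email import message_from_string, policy

AUTH_PROTOCOLS = {"ESMTPA", "ESMTPSA"}  # RFC 3848: the client logged in with SMTP AUTH
# Postfix-style hop: from <helo> (<rdns> [<ip>]) by <host> with <protocol>
HOP = re.compile(r"from\s+\S+\s+\((?P<rdns>\S+)\s+\[(?P<ip>[0-9A-Fa-f:.]+)\]\)"
                 r"\s+by\s+(?P<by>\S+)\s+with\s+(?P<proto>\w+)")

# Constructed sample 1: the provider accepted the mail after a successful login.
STOLEN_LOGIN = """\
Received: from smtp.provider.example (smtp.provider.example [192.0.2.10])
 by mx.recipient.example with ESMTPS id 4BBB; Tue, 02 Jan 2024 11:00:05 +0000
Received: from [198.51.100.23] (unknown [198.51.100.23])
 by smtp.provider.example with ESMTPSA id 4CCC; Tue, 02 Jan 2024 11:00:01 +0000
From: user@provider.example
Subject: constructed sample

body
"""
# Constructed sample 2: same From, but the lower "provider" hop is forged.
FORGED_FROM = """\
Received: from mail.unrelated.example (mail.unrelated.example [203.0.113.77])
 by mx.recipient.example with ESMTP id 4AAA; Tue, 02 Jan 2024 10:00:05 +0000
Received: from [192.0.2.99] (unknown [192.0.2.99])
 by smtp.provider.example with ESMTPSA id 4DDD; Tue, 02 Jan 2024 10:00:01 +0000
From: user@provider.example
Subject: constructed sample

body
"""

def classify(raw, my_mx, provider_suffix):
    """Walk Received hops newest-first, trusting a hop only if the hop above it
    received from that host; return (verdict, ip of the last trusted client)."""
    msg = message_from_string(raw, policy=policy.default)
    expected_by, client_ip = my_mx, None
    for value in msg.get_all("Received", []):
        hop = HOP.search(" ".join(str(value).split()))
        if not hop or hop["by"].lower() != expected_by:
            break  # unparsable or not vouched for by the hop above: stop trusting
        client_ip = hop["ip"]
        if hop["by"].lower().endswith(provider_suffix) and hop["proto"].upper() in AUTH_PROTOCOLS:
            return "authenticated-submission", client_ip
        expected_by = hop["rdns"].lower()
    return "no-authenticated-submission", client_ip
```

An `authenticated-submission` verdict with a client address that is not your own points at credentials in use elsewhere, and such mail never appears in the local Sent folder. The other verdict means the only trustworthy origin is the address your own mail server recorded.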

"extension" which appears to be a trojan that was not findable by AV scans.

What is that add-on you mention? What is it called? This is a very very serious allegation you are making and AS SUCH I MUST PURSUE IT.

Mine must have come in with either an email or with a TB "update".

The security of millions of users is at stake if you're being fed infected updates. This is not occurring, of that I am sure, as this forum would be alight with angry individuals, not a lone voice.

As for getting an infection from an email: Thunderbird allows no scripting or flash in mails. There is no way for anything contained in an email to enter the program. The two things are sandboxed apart. So that only leaves an attachment, and seriously, if a trojan arrived in an attachment and your anti virus missed it, it is time to invest in some real anti virus software.

I have never heard of a Thunderbird extension that masquerades as a Trojan in its spare time. Please, I need facts to pursue this further.

What sort of anti virus are you using that it can not detect a trojan? Detecting such is fundamental to an anti virus program having any credibility at all.

Was it an add-on/Extension or a Plugin? Plugins being installed in web browsers but accessible from Thunderbird via the registry. These are all disabled by default.

Modified by Matt

Matt: I used both AVG and Malwarebytes to scan my computer. I am sorry I did not copy the name (it was a series of various characters)-- is there a way to find the name of a dismissed extension? As far as the source, I have no idea where it came from, but it was listed as an extension when I went to the extensions list in the settings menu for TB. It was probably sending somewhere my password, since I changed it and a day later my email server reported more spams from my address, and no spams were showing up in my sentmail folder.
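
An added example, not part of the thread and not Mozilla code: one way to record what is installed before removing anything is to read a copy of the profile's `extensions.json`. The field names used (`addons`, `type`, `location`, `active`, `installDate`, `sourceURI`, `defaultLocale.name`) and the add-on site prefix are assumptions about current profile formats, and the sample data is constructed.

```python
import json
from datetime import datetime, timezone

BUILTIN = {"app-builtin", "app-system-defaults"}  # shipped with the application

# Constructed sample; a real file lives in the Thunderbird profile folder.
SAMPLE = json.dumps({"addons": [
    {"id": "default-theme@constructed.example", "type": "theme",
     "location": "app-builtin", "active": True, "installDate": 1682899200000,
     "sourceURI": None, "defaultLocale": {"name": "Default"}},
    {"id": "calendar-helper@constructed.example", "type": "extension",
     "location": "app-profile", "active": True, "installDate": 1682899200000,
     "sourceURI": "https://addons.thunderbird.net/constructed/helper.xpi",
     "defaultLocale": {"name": "Calendar Helper"}},
    {"id": "xq7kd@constructed.example", "type": "extension",
     "location": "app-profile", "active": True, "installDate": 1704153600000,
     "sourceURI": None, "defaultLocale": {"name": "xq7#kd"}},
]})

def inventory(extensions_json, store="https://addons.thunderbird.net/"):
    """Return user-installed extensions, newest first, with a note on origin."""
    rows = []
    for addon in json.loads(extensions_json).get("addons", []):
        if addon.get("type") != "extension" or addon.get("location") in BUILTIN:
            continue  # themes, dictionaries and bundled add-ons are not of interest
        source = addon.get("sourceURI") or ""
        if not source:
            note = "no recorded source"
        elif not source.startswith(store):
            note = "installed from outside the add-on site"
        else:
            note = "add-on site"
        when = datetime.fromtimestamp(addon.get("installDate", 0) / 1000, tz=timezone.utc)
        rows.append({"id": addon.get("id"),
                     "name": (addon.get("defaultLocale") or {}).get("name"),
                     "active": addon.get("active"),
                     "installed": when.date().isoformat(),
                     "note": note})
    return sorted(rows, key=lambda r: r["installed"], reverse=True)
```

Saving this output, together with a copy of the extension's files, preserves the id, name and install date that a report to the support forum would need.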