OK, this is extremely strange, and seems like it could only be explained by a virus. First, my Symantac Antivirus on my SBS 2003 Standard Edition R2 was due for its annual virus definition subscription and, since I decided I didn't want to use SAV again, I disconnected the Internet access and began installing Trend Micro. Unfortunately, I wan't able to get it completely installed and as our business needs to access the Internet, we were without an antivirus program for 24 hours. (I know, very stupid).
We have seven computers on the domain with one server. The computer in Room 1 began acting very strangely the day after. It is very strange. I have a few sites that require a logon and a password and then I have to type in a medication in order to look it up. The second I put the cursor in the field for the med, the browser would instantly return to the home page. The browser wouldn't close it would just go back to the home page. I would repeat the process and the same thing. It was very reproducible. This was occurring with every single web page like this.
Also, we have an electronic medical record, where you have to enter words or phrases in fields. As soon you entered a phrase like, "Fever for three days, the cursor would instantly move back one space skipping over the last letter. It would basically look like this: Fever for three day|s if you can call the line before the 's" a cursor. If you clicked on the backspace key, it would delete all of the letters to the left, and the last letter which was on the right would follow it. Another thing was if you right click in a window in the program, it will bring up a window with key words where if you left click on them, it enters the data associated with it in the section of the record. Basically, these are templates. But, with this computer, before you could selecton one, it would enter the top on in the list. Finally, if you clicked on visit history, a window will open listing all of the dates and visits. Normally, you highlight one, and the entire visit that was previously written will show up in the page below. But, on this day (yesterday), you could highlight one and it would show the note, but then the blue highlight would randomly move up to another note and put it in.
I assumed this had to be a virus. Trend Micro was installed and received updates and scanned the PC and found nothing. I then uninstalled the client, because I was used to that antivirus and installed a single, standalone AVG virus scanner, updated the definitions and scanned the computer. Nothing.
So, I come in today to check on it, and the Windows XP screensaver, instead of showing a small icon had a giant icon that took up 1/3 of the screen. CTRL - ALT - DELETE brought me to the next window where the logon window was HUGE. Took up the entire page. I logged in and the desktop was fine. I figured my VGA would be set to 600 x 800, but it was OK. I then did the webpage thing and the EMR thing and everything is perfect.
I am completely stumped. I did disconnect that computer from the network. The only other weird thing is on my own computer in my office, Task Manager is gone. You can right-click on the taskbar and click on Task Manager, but it doesn't appear.
I get a little confused at times with viruses, etc. I know it isn't good to leave the network insecure, but I run the network with Symantec for one year, and it would seem like if a virus entered the LAN, at least Symantec would see it and tell me. Or find it in a scan. Why would I get a virus the ONE day I was unprotected. We have a good hardware firewall and Windows firewall. And, the two computers I am worried about are only used by me, and I don't surf strange websites. If a virus doesn't come in by email, how does it get in? Through a website? A person from the outside?
Sorry, this is so long. Just wanted to give you all of the information.