Our Customer has a Dell computer a Dimension 5150 of course! Unfortunately his daughter who shall remain nameless, was on the internet playing a game, and must have let the virus in that way…… a fairly normal and usual thing for a teenager to do…. But now after some kind of script ran on the machine, the computer tries to boot, but it is no longer possible to enter a password into and log on icon, since there is “a dialog box that says dicfcoms.exe Application Error message,” and goes onto say that the program can not write to memory, at a certain location, oh yes and, the mouse cursor is locked yes and just to really wind you up, there seems no way of entering a password into any of the three accounts that you can see on the log to create a on screen of Windows XP.
We used Pendriveliux.com to install ophcrack onto a CD, and put the files to make it work onto an 8 GB Memory USB 2.0 stick. What you do is to put the cd in and boot from it, and make sure that when the machine does boot that the USB stick with all the files on it is firmly shoved in to the usb port. The password cracker runs and find the tables on the usb stick and then displays the passwords for each account. We found that the passwords were as the user said they would be, but this didn’t really help because it was not possible to click on any icon on the screen and actually enter any password….. The mouse cursor would not move at all even if you move the mouse itself.
We removed the drive from the machine and scanned it using malwarebytes, it found nothing at all, but Aviria found a Zlob Trojan program on the drive, we deleted this and still the windows log on screen has this dialog box on it saying dicfcoms.exe application error message.