Another user posted something about this in the Logs forum, figured this was a more appropiate place to discuss it.
Just ran into this on a system after removing FBI from it. After full removal of the FBI virus and cleaning other infections from a system we noticed that we could no long open a large number of the users files. At first we thought we had run into the Crypto virus, but soon realized that this wasn't the case.
From what I'm seeing its corrupting the files deleting the first so many bytes from each file located in the normal users folders. (Ie Documents, Pictures) If a user had a folder stored in say C:\Users\MyUserName\mypic it won't touch it, however a subfolder on the desktop will be affected.
I realized what had happened when I opened a newly created docx file and a corrupted docx file in notepad. All intact docx files have a certain header to the file. All of the corrupted ones for my user were missing that header. It looked as if the virus simply deleted the first so many bytes at the beginning of each file. Not sure if it deletes parts of the end of the file though.
Ran the users damaged photos through Stellar Phoenix's JPEG repair utility and we've been able to recover many of their photos. No such luck repairing the documents so far, but the user was more worried about her photos than her documents so we haven't spent a lot of time on that yet.
I'm not at work right now so I don't have any example files with me to post.
Anyone have suggestions on how to recover damaged Office 2007/2010 files? Pretty sure the damage also occured to PDF files also.