Solved

Office documents randomly corrupting - possible malware issue.

Posted on 2013-01-31
4
327 Views
Last Modified: 2013-11-22
Hi there,

I have a really worrying issue that emerged yesterday with two independent customers. The first one was a laptop that was running extremely slow and then apparently some of the office documents had become unreadable. I immediately assumed adware / virus infection but was unable to remotely access it due to connection / stability issues and so could not confirm this. I got the customer to email me several of the affected documents (word, excel and publisher). Sure enough when I attempted to open them i got the same message as them: The file cannot be opened because there are problems with its contents. Details: The file is corrupt and cannot be opened.

Given that the laptop showed all the signs of being infected with some kind of malware I assumed at this stage that it had somehow corrupted some of the office documents. Within two hours I got a report from another customer (totally unrelated) that some of their office documents had become corrupted. I did have remote access to this machine and logged in to find exactly the same error message as on the laptop. I scanned for viruses and found nothing.

This is where I currently am. Could this be a new virus that is corrupting Office documents? I have attempted to repair one of the files using the office repair component of Ontrack Data Recovery. It repaired the header but then the data was unreadable. However my main concern is identifying the underlying cause.

Any suggestions or feedback would be welcome.
0
Comment
Question by:VogueSoftware
4 Comments
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 500 total points
ID: 38839165
I would recommend to scan the system with the tools mentioned below and in the sequence they are mentioned and post the logs

Make sure you DO NOT REBOOT the system after running tools in point 1 & 2.

1. RogueKiller/TheKiller
2. MalwareBytes
3. TDSSKIller

I would also recommend you to go through the articles from Younghv and RPG for the links of the tools and for the future reference

Basic Malware Troubleshooting
http://www.experts-exchange.com/A_1940.html

Rogue-Killer-What-a-great-name
http://www.experts-exchange.com/A_4922.html

Stop-the-Bleeding-First-Aid-for-Malware
http://www.experts-exchange.com/A_5124.html

Run MalwareBytes in Quick Mode and if that required reboot, then reboot the system and run tools mentioned in point 1 and 2 but this time run MalwareBytes in Full Systen Scan.

So in your next reply post the RogueKiller logs, MBAM logs and TDSSKIller Logs

Sudeep
0
 

Author Comment

by:VogueSoftware
ID: 38839184
Many thanks Sudeep,

Will get started on those steps shortly. It will take me a while though as there are three machines with network access to the files and theoretically it could be any of them with the issue - to make matters worse they need constant access to them during the day so i will need to work round the staff.

In the meantime if anyone else has had same issue or has any suggestions for repairing the office documents please speak up!

Cheers again.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
This video walks the viewer through the process of creating envelopes and labels, with multiple names and addresses. Navigate to the “Start Mail Merge” button in the Mailings tab: Follow the step-by-step process until asked to find the address doc…
The viewer will learn how to simulate a series of coin tosses with the rand() function and learn how to make these “tosses” depend on a predetermined probability. Flipping Coins in Excel: Enter =RAND() into cell A2: Recalculate the random variable…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question