I am a senior systems engineer at a mid-sized ASP/hosting company. 9 or 10 months ago we had a large lay off which included our company's marketing director.
None of our upper management thought to take the time to look through his emails or laptop data when we offered to provide it to them after the termination was announced. After about two weeks I went ahead and "fully processed" the termination which entails removing the user's email account (30 day retention), moving all of their personal drive data to another location to be backed up...etc.
Shortly before he was fired he worked out a (bad) deal with one of our customers which currently brings in roughly $15k per month. Now, 9-10 months later, our customer is calling this into question as to what they're being billed for. Guess what, no one has a statement of work (the customer probably does but they'd never share it). This thing is nowhere to be found...
I dug up his hard drive and slapped it into a laptop. It booted up and immediately i noticed something was wrong. nothing on the start menu, nothing under all programs, and some strange "legacy windows" explorer behavior. So i check out the C:\ and low and behold, almost every file and folder (outside of MOST required OS stuff) has had its name changed to a random letter or number.
From what i can tell this freaking guy ran some utility out of spite that not only wiped out any data on the drive but also destroyed the folder structure throughout the system. I was unable to collect any information from it and decided it's better to take the drive to a recover expert.
Has anyone heard of a utility that can do that? If so, is there a recovery method that you may have used to reverse the damage? We're more than likely taking the drive to an expert this week but i'm curious if we might have recourse to take this guy to court and float the cost of the recovery.