So... one day "John" called Tom (a W7 Home user) and convinced Tom to allow him (John) access to the computer... John claimed that there was a problem detected.
Tom paid John whilst allowing him access to which, of course, John went to the event log and scared Tom with some red X's.
They finish their call 30 minutes later and John hangs up.
Everything seems fine for a couple of days, but Tom doesn't feel comfortable and decides to utilize a logon password where none existed before.
Several weeks pass, Tom is using his computer hours a day and then one day the password doesn't work.
I'm not sure how, but Tom and a neighbor end up getting into the computer.
I'm called out because once they got in everything was missing.
Sure enough Tom's password gets you into the computer and everything is gone... kind of. All programs remain. All data is lost.
Looking through Program Files and Program Files(x86) show creation dates dating years back... thus I don't think the computer was reformatted... this as well as Tom stating that they (he and his neighbor) did NOT re-install any software.
I've unhidden all files, even protected files, and still don't see anything.
Tom used Outlook quite extensively. Not only is the pst gone, but Outlook opens as if it has never been used asking if you want to set up an email address, etc.
Any thoughts?
I'm sure there is probably a Logmein type program residing on Tom's computer - if nothing else, do a search for the word Logmein in Regedit.
If possible, I'd try a program like Recuva from Piriform or Ontrack Easy Recovery Pro as a last resort to recover any data that's been deleted.
Hopefully, they recover at least some of the more important files.
After recovering any files, I'd fully reformat and clean install to be SURE any vulnerabilities are corrected.
Good luck!