I suspect the person who deleted the files was someone called "Administrator". And if you have to ask whether you can retrieve your server logs then I suspect the answer is "No".
More important than worrying about who did it is the question of what aspect of your security allowed this to happen. You need to thoroughly review your settings. If this is a production machine in a commercial environment then you should probably hire someone who knows about computer security to do this review for you. A "penetration" test will reveal the weaknesses that led to this.
The information on Computing.Net is the opinions of its users. Such
opinions may not be accurate and they are to be used at your own risk.
Computing.Net cannot verify the validity of the statements made on this
site. Computing.Net and Purch hereby disclaim all responsibility
and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY