Originally Posted by ubearcats
.... [the] damage was already done...
This is the safe viewpoint. Unless you have an 100% comprehensive and exhaustive listing of each and every file that was incorrectly changed (which I would assume would be unlikely in the extreme) my recommendations would be to:
1. Backup any important data
3. Review your security policy, and give only 2 or maybe 3 trusted people true root access. I'm sure your co-worker meant well, but I'd suggest looking at it this way: If his/her actions were a deliberate act, rather than an accident, would you consider it sabotage/vandalism? I would, and I'd consider pressing charges if I knew who was responsible. Maybe it was a true and/or innocent rookie mistake, but even so, I'd only give root to someone whose job actually required it, and they had demonstrated that they would use it responsibly.
Keep in mind that in Linux, it is assumed that root knows what he/she is doing, and thus any commands executed by root will be performed, no questions asked. Good luck with it regardless.