I'm always in hurry so I cannot wait for photorec to do all the recovery process with my 200GB HD so I find a quicker way:
install foremost
foremost -t avi -i /dev/sda1
in this example we are looking for all deleted avi files on /dev/sda1 , foremost always output the results in directory called
output, its created in the directory where you ran foremost so be sure to run it from a directory not located in /dev/sda1 to avoid overwriting one of your deleted files.
Inside the output directory you will find a file named
audit.txt which the log of this restoration process and also a directory named jpg cuz we were searching for jpegs in our last example
foremost -t pdf -T -i /dev/sda1
In this example we are searching for pdf files and appending results to the
output directory (because foremost will not start if there's already an
output directory)
if you also know from where to start:
foremost -s 100 -t jpg -i image.dd
Here we are searching for jpeg files skipping the first 100 blocks inside this dd image
foremost -t all -i /dev/sda1
Searching for all predefined types, that means the same of photorec of the previous post
cheers Alex
http://Lxphotostudio.mine.nu
No comments:
Post a Comment