TestDisk FAQ
I can't start TestDisk
cygwin1.dll not found,c\cygwin is missing
You need to extract all the files from the archive before running TestDisk or PhotoRec.
How to use TestDisk ?
Read the TestDisk Step By Step guide.
How to use TestDisk in a script ?
TestDisk usage can be automated. The action need to be described with some specific parameters and the resulting command line can be added to a Unix shell script or Windows batch file. Read Scripted run.
Can I use TestDisk with disk image ?
TestDisk can work with disk images including forensics images created by EnCase and FTK imager.
What to do if the hard disk contains bad sectors ?
If your goal is to recover some precious files and you know where they are, in the advanced menu of TestDisk, select your partition, try to list the content of the filesystem and copy your files. If it doesn't work or if the hard disk is seriously damaged, it's usually better to clone the hard disk first.
A wrong capacity for my hard disk is reported
- If your HD is reported as 137GB only, you need to enable LBA-48 access mode.
- If the size is incorrectly reported as 2TB, connect the hard disk directly in SATA or PATA instead of USB. If the problem persists, the PCB may have suffer from an electronic choc.
Where are the files I have undeleted/copied?
By default, TestDisk copies the files in the current folder.
By example, look at testdisk-6.11.3/win/ on a Windows computer or testdisk-6.12-WIP.
If you have run TestDisk from a temporary folder, ie. c:\Users\bob\appdata\local\temp\Rar$EX00.034\testdisk created by WinRar, the archiver may have deleted the folder including the recovered files when you have closed TestDisk. You need to extract all the files from the archive before running TestDisk.
I can't move, delete, rename the recovered files !
- You may need to take ownership of the folders: https://support.microsoft.com/kb/308421
Change the owner of the files, example sudo chown -R username recup_dir.*
How to open the image.dd file ?
An image is interesting if the original disk has physical problem (ie. bad sectors) or if you really need a copy.
-
mount -o loop,ro image.dd directory 
rename image.dd to image.img or image.dmg and double-click on the file- Specify the image pathname in parameter to run TestDisk or PhotoRec on the disk image.
See Image Creation for more information
Mac OS X PowerPC: Writing the partition table
Use pdisk to recreate the Mac partition map using the values given by TestDisk.
How to check and repair a filesystem
- FAT
Run scandisk c:- To check a FAT partition from Windows, run chkdsk /f c:
- Run
fsck.vfat -a devicename
- NTFS
- To check an NTFS partition from Windows, run chkdsk /f c:
- ReiserFS
- If the superblock of a reiserfs partition is missing, it can be rebuilt with reiserfsck --rebuild-sb device.
How to make the system bootable again
- DOS - Win9x: If your OS doesn't boot, you can reinstall the system files with
sys c:. - Windows 2000/XP/2003
- Run fixmbr from the Recovery Console (ie. fixmbr \Device\HardDisk0)
- Check c:\boot.ini
- Run
fixbootto repair NTFS boot sector.
- Windows Vista/Windows 7/...
- Run
bootrec.exe /fixmbrfrom the Recovery Console - Check c:\boot.ini
- Run
bootrec.exe /fixbootto repair NTFS boot sector.
- Run
- Linux/FreeBSD
- Remember to update your /etc/fstab to reflect the new partition order.
- Update your multiboot configuration and reinstall the multiboot in the Master Boot Record.
- Lilo: /etc/lilo.conf,
liloto re-install - Grub: /boot/grub/grub.conf,
grub-install device - Grub2: /etc/grub2-efi.cfg,
grub2-install device
- Lilo: /etc/lilo.conf,
How to undelete files
- Recover deleted files from NTFS partition
- Undelete files and directories from FAT12, FAT16 and FAT32 filesystem. FAT file systems are commonly found on flash memory cards, digital cameras, and many other portable devices.
- Undelete files from ext2 filesystem
- ReiserFS: Read the ReiserFS file undelete HOWTO
If the system is too badly damaged to be repaired or to allow file undeletion, try PhotoRec.