Ok, I don't want to sound like a total idiot, but at the risk of sounding like said total idiot, I'm going to skip the long-winded story and explain my current situation:

I have a 320GB hard drive of which I was using as a file drive on a Slackware box. It only had one ext3 partition that encompassed the entire drive and was filled to the brim with files.

Let's just say that it somehow got formatted over with an XP NTFS partition (using the slow format option) and as soon as it booted into XP, it was promptly shutdown and hasn't been touched since.

Obviously my question is, is there any way to recover the deleted data? I know that not all of it will be recoverable, but most of it should be, one way or another.

I tried using Hiren's BootCD 8.8, but I couldn't find any useful tools on there (the only one that seemed like it would do the job, isn't capable of recovering Linux-based partitions). I downloaded Knoppix-STD and ran some sort of analysis with testdisk, but it didn't seem to find anything... Tomorrow I'll have to check for options that I could've possibly missed...

It's not extremely important that I recover everything... I can probably get back most of it anyway, but I'd like to know how to do this for the future, in case the problem arises again in a more serious manner.

All help is appreciated, thanks.

Most peeps will tell you once you re-format, it's gone.

That is false, but not all types of data are easy to recover. In the thread link below I provide other useful links, you'll run into another thread where a person called Soren or something, recovered most of his files using an older version of Foremost, he also provided a link to download it, that is the link I used to get it. It worked better than Foremost 1.4 and scalpel that only produced thumbnails of the photos I was after. Well...foremost 1.4 pulled the full size ones also after I found what commands to use with it in x86_64 systems. Anyway, check all the links, best to read up a little. The Helix live CD http://www.e-fense.com/helix/ also has foremost, not sure what version. I've been playing with it but have been un-successful at mounting a "suspect" drive properly or something, it would get 300 or 400 .jpg photos and give up with an error, mount problems I suspect, got to get back at her tomorrow and master that CD.

http://www.linuxquestions.org/questi...d.php?t=536461

Thanks for the reply. I tried foremost, and nothing really seemed to happen, maybe I'm not using it correctly? I'm not really sure... I'll have to mess with it again.

I also tried testdisk, and photorec, testdisk couldn't find anything and photorec yielded some crazy results (half gig jpg files)... I basically had the same results with everything else.

I'm about to try FTK since my friend claims that that works and we did learn about it in one of my classes, although I really don't think it'll do anything either.

I've tried a few, it took a while to get foremost to work, got lots of errors to the point I just about quit. I just finished running foremost from a Live CD, and going through the results right now. Nothing like the results I got using foremost-1.1 in a 32bit system though. But because I'm into the forensics thing, I keep playin' with all of them. So far, the foremost-1.1 seems to be king of the hill for .jpg images. When I tried retrieving .doc with it I got an infinite loop of the same .tci or whatever they were, (turbo cad images), that weren't even .doc format.
But you must have the same problem with foremost I had when I first tried it, not using the right command format.
Persistence pays.

Sorry, was telling you about photorec, but noticed you tried it already. It did an superb job for me.