I deleted a 2GB directory and sub-directories/data files from a TrueCrypt container mounted as a Drive Letter. The directory and sub-directories/data files was larger than the recycle bin so it was deleted without the recycle bin. The recycle bin was also deleted.
The container can still be mounted and I have not used the machine since.
Machine description - Win7 x64 Virtual Machine on a Mac Book Pro with Mountain Lion
It's possible to a software recover the deleted data?
Yes. Basically, your Truecrypt behaves like a real harddrive, in a harddrive. So your "container" can be seen as a disk platter in a real harddrive. When you delete a file, windows will write exactly the same thing (deleting the file index from the file table) to the TC disk driver, as it would write to a "real" harddrive. Truecrypt does not know whats stored in a container, all it does is act as a encryption/decryption filter between a "virtual" disk drive and the container file.
Thus, you can run normal file-recovery Tools on the VIRTUAL truecrypt disk drive. Note that some file recovery Tools will be "allergic" to non-physical drives, but then just try Another tool.
Yes, there are "undelete" tools that are able to recover deleted files. TrueCrypt does not change that.
As product recomendations are off-topic here, I will ask you to perform a Google search for undelete tools, you will find lots of them.
Those files now lie outside the file system so it can't be used in the recovery (aside from maybe using what journal information is still available). There is a chance of irreversible overwrite damage because of that, but you said that you have not used the machine since so that may be very minimal. As others described, TrueCrypt doesn't significantly change the ability of recovery here as long as you have block access, and you can try various file recovery software tools. I highly recommend having a complete clone before attempting anything that might not be reversible so that you don't rule out any other possible recovery methods.
Now the file recovery tools will rely on their ability to detect files in raw data (sometimes called carving), and this depends on the definition of the various file types and how they are saved. That is why you may have some file types be recovered really well while others are not. JPEGs for example are typically quite easy because they have a well defined file header and such. Plain text files typically don't have any metadata on their own (outside the file system) so likely no commercially available software tools will recover them.
Also another avenue you have is to work with a data recovery professional. They likely have many software tools at their disposal, and will be able to determine which is (or which multiple tools are) the best for the job. That advantage here is that they'll make a clone first and they already have all of these tools, so you won't have to pay for one that potentially doesn't work. Some even have experience tailoring their use of software tools (or building their own) to their own needs based on the file types and damage in case they can get a better result than the commercially available tools can on their own. They can also do manual work within the raw data for specific files (though that shouldn't be needed here).
For something like this it is fairly easy for them and should definitely be on the lower end of their cost spectrum (unless there are details I'm not aware of). It might actually be more cost efficient than buying a few software tools that might not end up doing a satisfactory job.
