It’s a message every IT manager dreads.
‘Your personal files are encrypted by CTB-Locker. To decrypt the files, you need to pay 3 bitcoin.’
Yet, unfortunately, getting locked out of your company’s own data – and then being expected to pay a ransom to get it back – is becoming more common as cybercriminals get craftier. Like pesky bed bugs that have become immune to deterrents, ransomware attacks such as CryptoLocker, CryptoWall, Locky, TorrentLocker and Virlock are constantly evolving to sneak past all the new defences that IT security experts are busy building up.
Workaround to take back DC VM from CSV.
1. At this moment, your cluster is offline and failed due to its inability to connect to a Domain Controller.
2. Go to Cluster Shared Volume, select the Cluster volume which contained the VHD.
3.Offline the resources, right click and select Remove from Cluster Shared Volumes.
4. Once remove, go to Storage and you will see the disk located in Available Storage. Assign a Drive Letter and copy the VHD out.
This is the simple trick to recover the DC VM which is inside the CSV. Hopefully, you can now create the a new VM and point towards the copied VHD then start the Domain Controller. Once the DC is up, then you will be able to start the Hyper-V Failover Cluster.
Just to remind again, you should have at least 1 DC not in CSV or run in the physical server.