- as mentioned this could be a sign of ransomware. What build of ESXi are you running? ESXiArgs was doing the rounds about a year ago, and depending which variant you had, it typically encrypted the configuration files of the VMs and possibly others, rendering them inaccessible.
To test if the files have been encrypted or not, SSH into your ESXi host as root then run the following commands:
- cd /vmfs/volumes
- ls (to list the datastores. Identify the datastore(s) where your VM resides)
- cd datastorename
- ls (to list the VM folders in that datastore)
- cd vmfoldername
- ls (to list the VM files in that folder)
- Locate the .vmx file. This is the configuration file for the VM
- now run the command less filename.vmx to read it
If the file is intact, you should be able to read the contents, even if the VM is running. If you can't open it, or it is unreadable/garbage, then it has possibly been encrypted, or otherwise corrupted.