A remove branch user was infected by CryptoWall. It encrypted the remote DFS server. The server only synced a few directories to the main DFS server. We disabled the replication between the servers (via DFS Management) and rebooted the servers to stop replication. We also restored from backup the encrypted files to the main DFS Server.
How do I go about restarting the DFS Replication with the main server as the correct server for files?