In cases where there is no free decryption fix tool and victims are not willing to pay the ransom, the only other alternative is to backup/save your encrypted data as is and wait for a possible breakthrough
...meaning, what seems like an impossibility at the moment (decryption of your data), there is always hope someday there may be a potential solution.Imaging the drive backs up everything related to the infection
including encrypted files, ransom notes and registry entries containing possible information which may be needed if a solution is ever discovered
. The encrypted files do not contain malicious code so they are safe. Even if a decryption tool is available, there is no guarantee
it will work properly or that the malware developer will not release a new variant to defeat the efforts of security researchers so keeping a backup of the original encrypted files and related information is a good practice.