From a7b286b3a3ae82382c1633662764242a308a8f73 Mon Sep 17 00:00:00 2001
From: Yaya48 <yaya48@noreply.localhost>
Date: Sat, 15 Mar 2025 20:09:42 +0100
Subject: [PATCH] Actualiser README.md

---
 README.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/README.md b/README.md
index 38ffbf1..7be99d0 100644
--- a/README.md
+++ b/README.md
@@ -6,6 +6,7 @@
     -> Infection Dumps from 15/03/2025
     -> A schema on how it work
     -> The repo doesn't contain de-obfuscated payloads.
+    -> What to do if i got infected ?
 
     
     -> About Payoad obfuscation
@@ -17,6 +18,8 @@
         -> Stage 6 : Backdoor'd DLLs and stuff didn't take the time to reverse it.
         -> Stage 7 : For lua files its Luraph, For JS files its https://obfuscator.io/
 
+    -> If you got infected : Re-install completly the server OS, and do not re-use your old server-data folder. Why ? CIPHER give full OS control to the attackers and so they can execute system command remotely and install other shit on your machine. and btw avoid running FIVEM Servers as Administrator/Root thanks. 
+
 
 # A schema on how it works.