NullTrace is a deep-disk Windows forensic scanner specialized for FiveM cheat detection. By auditing low-level execution records, binary header signatures, and filesystem metadata, NullTrace surfaces self-deleting cheats and masqueraded bypasses with 100% confidence.
NullTrace doesn't just scan active memory. It audits deep historical files structures and registry artifacts that survive reboot and clean-ups.
Inspects underlying system execution activity caches to retrieve running footprints and path histories, ensuring zero evasion by deleted logs.
Trace AnalysisAutomatically matches and filters execution events within critical timing thresholds of target gaming clients to expose injection triggers.
Timeline AnalyticsVerifies binary structures down to the signature layer across writable directories to detect loaders disguised behind custom file formats.
Structural VerificationReconstructs download source history directly from file records to trace downloader locations, isolating untrusted web sources.
Origin MappingCross-references external storage mount event timelines with system execution periods to capture hardware-based launchers.
Hardware ReconAudits graphical interaction logs to pull execution footprints, identifying programs run via the interface even after they've been cleared.
Interface TelemetryExplore the actual graphical user interface of the NullTrace Client application. Click through each tab below to see how scan indicators and data fields render.
Many cheaters assume that deleting a file and clearing the Recycle Bin erases their footprints. This is how the NullTrace engine proves them wrong.
User runs a third-party loader or cheat engine. Windows starts background tasks and telemetry indexes for launch tracking.
Immediately after injection, the executable deletes itself. The disk location appears empty to standard explorer scans.
NullTrace interrogates internal OS execution logs, recovering the execution timestamp and the original deleted path.
Low-level filesystem metadata indices are queried. NullTrace pulls the original download source link, proving the file origin.
Equip yourself with the complete local execution trace scanner. Unmask self-deleting cheats and hidden registry artifacts in seconds.
Unrestricted access to the complete NullTrace client suite for 30 days. Runs locally, zero trace upload.
NullTrace is built for zero footprint, high performance, and local execution. Review our technical constraints and data policies.
NullTrace is compiled with MSVC static runtime linkage (/MT in C++ Release configuration). This packages all standard libraries inside the output executable. Zero dependency, runs on fresh OS installations without VC++ Redistributables.
Unlike cloud-based anti-cheats that upload disk streams, 100% of the NullTrace forensic file parsing and registry analysis happens locally in memory. No user files are ever uploaded or cataloged off-host.
Low-level diagnostics services are protected OS components. To read these secure areas, the analyzer requires Administrator rights (calling standard Win32 IsUserAnAdmin()). Without elevation, scanning operates in restricted mode.
The NullTrace heuristic engine parses and sanitizes system logs to dynamically ignore safe background operations and whitelisted packages, maintaining a 0% false alert rate.