smmmdz

FiveM PC Check Scanner

A Windows forensic scanner for FiveM server administrators to detect cheats, injectors, and anti-forensic cleaners during PC checks (screenshares).

What it detects

Cheats

Cleaners / Bypass tools

Forensic artifacts

Requirements

Usage

Quick start (double-click)

run_scan.bat

When the scan finishes, Notepad opens automatically with the full result.

Command line

# Full scan - opens Notepad when done
python main.py

# Fast scan (skips deep file walk)
python main.py --quick

# Don't open Notepad
python main.py --no-notepad

Report saved to: reports/PC_CHECK_RESULT.txt

Run as Administrator (right-click run_scan.bat → Run as administrator) for Prefetch and BAM registry access.

Scan modules

Module What it checks
Process Scanner Running cheat/cleaner processes
Prefetch Scanner C:\Windows\Prefetch execution artifacts
Registry Scanner BAM/DAM execution logs, Run key autoruns
File Scanner Downloads, Desktop, AppData, Temp for cheat files
FiveM Scanner FiveM data folder, mods, Lua exploit scripts
RPF Scanner Custom .rpf mods — weapons.meta, handling.meta, FiveM mods folder
Browser Scanner Chrome/Edge/Firefox history for cheat sites
Cleaner Scanner Anti-forensic tools, recycle bin, log gaps

Verdicts

Verdict Meaning
CLEAN No significant findings
REVIEW NEEDED Medium-severity items — manual review
SUSPICIOUS High-severity findings
CHEATING LIKELY Critical detections (known cheat or cleaner)

Adding custom signatures

Edit pccheck/signatures.py:

FileSignature(
    "MyCheat",
    ("mycheat", "mycheat.exe", "mycheat_loader"),
    Severity.CRITICAL,
    Category.CHEAT,
    "Description of the cheat",
),

Some checks need elevated access:

Right-click run_scan.batRun as administrator for best results.

Important notes

Project structure

fivem-pc-check/
├── main.py              # Entry point / CLI
├── run_scan.bat         # Windows launcher
├── pccheck/
│   ├── signatures.py    # Detection database (edit this)
│   ├── engine.py        # Scan orchestrator
│   ├── models.py        # Finding / result types
│   ├── scanners/        # Individual scan modules
│   └── report/          # HTML report builder
└── reports/             # Output (created on first scan)

License

For educational and server administration use.