MinerSearch
Program designed for search and kill silent miners
Install / Use
/learn @BlendLog/MinerSearchREADME
Miner Search
This program is designed to find and destroy hidden miners. It is an auxiliary tool for searching suspicious files, directories, processes, etc. and is NOT an antivirus.
[!CAUTION]
Antivirus may give a false positive reaction to this application. Please don't create an issue about this.
News about updates now in the Telegram!
https://t.me/MinerSearch_blog
⬇ 
NET Framework 4.7.2 is required
[!CAUTION]
Windows 7 is outdated. MinerSearch support and testing for this OS will be discontinued coming soon.
Version v1.4.8.41
- Removal of new malicious services, files, tasks, and directories
- Added the --no-scan-wmi (-nwmi) option
- Removed the --run-as-system option
- Fixed a bug when reading the service image path
- Fixed a bug when opening a log file using the "Show log" button
How to use
Completely unzip the archive with the program into a separate folder and launch the application. Wait for the scan to complete. When using the program for the first time, you are offered to report the results of the scan to the author at your wish. After completion, a form will be shown with a brief report on the threats that have been eliminated. You can view the detailed log by clicking on the "Show log" button. Clicking on the "Quarantine" button will open the Quarantine Manager, in which you can completely delete the file or restore it.
How to switch language in the app?
- Create language.cfg file if not exist
- Open it with any text editor
- Choose your preferred language: EN or RU
The application also supports additional launch parameters (listed below). To use them, you should:
- Run the command line (cmd) as administrator
- Hold down shift and right-click on the application - select "Copy as path"
- Paste the path into the command line and add the necessary parameters* after a space
Additional command line args (usually is not required):
Generated markdown
| Short Option | Long Option | Description |
| :----------- | :------------------ | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| -h | --help | Display this help message |
| -a | --accept-eula | Accept the End-User License Agreement (EULA) |
| -nl | --no-logs | Do not write logs to a file |
| -nstm | --no-scantime | Scan only running processes |
| -nr | --no-runtime | Do not scan running processes (only directories, files, registry keys, etc.) |
| -nse | --no-services | Skip scanning services |
| -nss | --no-signature-scan | Skip file signature scanning |
| -nrc | --no-rootkit-check | Disable the rootkit check |
| -nch | --no-check-hosts | Skip checking the hosts file |
| -nfw | --no-firewall | Skip scanning firewall rules |
| -cm | --console-mode | Enable console mode (no dialog boxes) |
| -p | --pause | Pause before cleanup |
| -ret | --remove-empty-tasks | Remove a task from Task Scheduler if its executable file does not exist |
| -so | --scan-only | Report malicious or suspicious objects but do not remove or quarantine them |
| -fs | --full-scan | Include all local drives in the signature scan |
| -ras | --run-as-system | Run the scan as the SYSTEM account (for advanced users only) |
| -f | --force | Suppress confirmation prompts for potentially dangerous actions |
| -s | --select | Scan only the selected directory and its subdirectories (recursively) |
| -s= | --select= <path> | Same as --select (-s). Specifies the directory path to scan.
