Spudz76
commented
5 years ago Virus scanners use Heuristics - which is a fancy word for assumptive guess.
It sees some pattern in there that "looks a lot like" the HarHarMiner thing, but isn't. False positive, false identification, it's being racist against any code that "looks like" those miner(s) it hates. So eventually, all miners look the same (due to main code being the same math/algo/procedures).
Thus is the problem with profiling / heuristics / guessing / assumptions. Very likely safe, where you would want to be careful is if it was a non-mining app that said it had miner code in it. But since this is a miner app, and it's finding miner code in it... well of course it did. Nobody is going to attach a miner trojan onto an on-purpose-miner, that would be silly. They want to hack-mine on a box that isn't already being mined by the legitimate owner (low CPU use / dumb web-warrior / not power-user) and so they put trojans on everything except actual mining apps.
[stupid question manually removed]