We Answer: Why is Crypto-Mining Software Flagged as Malware?

Make sure that the crypto mining software you are using is legit

Reading time icon 5 min. read

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

Key notes

  • Crypto mining software lets you make use of your resources to mine cryptocurrencies.
  • Such software may also be injected into your PC to mine cryptocurrencies and could run in the background without your consent.
  • However, legit crypto mining software can be added to the list of exclusions in your antivirus to prevent it from getting flagged.

Bitcoin is a digital currency (cryptocurrency) that you can exchange for products, services, and even other currencies. More and more users are utilizing crypto-mining software to generate bitcoins for themselves. However, some antivirus utilities flag legitimate crypto-mining software as malware.

Legitimate crypto-mining apps are those users knowingly download and install on their PCs. Those mining apps enable users to generate bitcoins by completing verified transaction blocks with their PCs. You can check out our guide that lists some of the best Bitcoin-mining software available for free.


What is Cryptojacking malware?

Cryptojackers are miners who hijack other users’ PC system resources for the purpose of crypto-mining. These cryptojackers do that with cryptojacking malware. Crypotojacking malware secretly installs malware or virus in your PC (sometimes via email attachments) and use your system resources for crypto mining.

Thus, cryptojacking malware basically exploits other PCs’ system resources to generate bitcoins. CPU utilization can get very high as a consequence.

Your PC might become very slow when there’s cryptojacking malware on it, and you won’t be able to understand the reason behind this since the malware is installed without your consent.

Why does my antivirus flag my crypto-mining software?

Antivirus utilities sometimes flag legitimate crypto-mining software as malware because of the increasingly prevalent cryptojacking. Cryptojacking malware has similar executables to legit crypto-mining software.

Therefore, even the best antivirus software finds it hard to distinguish between them. Some antivirus warning flags do not report the crypto-mining software as a threat, but simply inform that the program is related to mining.

You may get terms such as CoinMiner, Cryptocoin miner, or Bitcoin miner in the warning message.

How can I stop antivirus software from flagging my crypto-mining app?

  1. Open the Start menu.
  2. Search for Windows Security and open it.
  3. Click on Virus & threat protection.
  4. Under Virus & threat protection settings, click on Manage settings.
  5. Under Exclusions, click Add or remove exclusions.
  6. Press the Add an exclusion button.
  7. Select the Process option.
  8. Enter the full path of your crypto-mining software (including its EXE file) in the process name box.
  9. Click the Add button.

Most antivirus utilities include exception (exclusion) lists. The exclusion list features in antivirus software enable users to select certain programs, files, or folders to exclude from antivirus scanning. The antivirus utility will not flag anything on its exclusion list.

We have used the Windows Security antivirus tool that comes built-in with Windows OS to show how you can add your crypto-mining program to its exclusions list. You can do the same with any of the third-party antivirus tools that you have on your PC.

How can I scan and remove genuine cryptojacking malware?

1. Use a third-party malware removal utility

  1. Download Malwarebytes from its official website.
  2. Install it on your PC.
  3. Click on the Settings icon.
  4. Switch to the Security tab.
  5. Toggle on Scan for rootkits option.
  6. Close the Settings window.
  7. Click on the Scan button.
  8. Once the scan completes, it will display if it has detected any malware, virus, etc.
  9. Hit the Quarantine button to remove all malware from your PC.

If your antivirus utility flags something you don’t recognize, that something could be cryptojacking malware. Malwarebytes is a highly-rated third-party utility for purging malware. Malwarebytes Pro includes a real-time scanner, but you can manually scan with the freeware alternative.

Scanning and purging malware with Malwarebytes is so simple. All you need to do is click its Scan button. Malwarebytes will then scan your PC and list anything detected and quarantined. You can click Total items in quarantine, select quarantined items, and press the Delete button.

Get Malwarebytes

2. Use Microsoft’s malware scanner

  1. Download Microsoft Malicious Software Removal Tool.
  2. Launch it on your PC.
  3. Click Next.
  4. Select the type of scan you would like to perform.
  5. Click Next.
  6. The program will begin scanning for malicious programs on your PC.
  7. The result will indicate if the program detected any issues with your PC or not and will prompt you to take necessary action.

You can also make use of Microsoft’s Windows Malicious Software Removal Tool. This utility will scan for and automatically remove detected malware. It’s simple to utilize and also includes three different scanning options.

Get Windows Malicious Software Removal Tool

So, don’t be overly surprised if your PC’s antivirus utility flags your crypto-mining software, as it’s not unusual for false-positive flagging to arise for mining apps. You can simply set up an antivirus exception for your crypto miner. If you don’t recognize a flagged app, however, run a malware scan.

If you are interested in crypto trading, then we would recommend you check out our guide on the best VPNs that you can use for crypto trading.

For users who trade in cryptos, keeping up with the live prices is an essential task for which they can check out our guide which lists some of the best apps for cryptocurrency live prices.

More about the topics: Bitcoin, Cryptocurrency