There are no action options available (probably because it is a memory object).
Scans of the source file “searchindexer.exe” and related files by uploads to virustotal.com show no infection.
Scans of memory by Malwarebytes shows no infection.
Total system scans by Malwarebytes and Hitman Pro show no infection.
Do you think this is a FP, or could it be a rootkit? What are my options?
You can do a boot time scan to ensure the safety,coz I dont think search indexer load the "un encrypted "signature to the memory since it doesnt use them.
Superhacker, can you elaborate on this: "I dont think search indexer load the "un encrypted “signature to the memory since it doesnt use them.” I’m not understanding.
Okay in the easy way here is the story:
Suppose there is an antivirus called ‘whatever’ and the maker of this antivirus develop the database of this antivirus,the DB contain digital signatures for piece of code of the malware or a checksum digest like md5 so if the program’whatever’ loads its DB which not encrypted “like the case of windows defender and MSE” avast will see the unencrypted signature and think it is a real virus.
Nothing wrong with avast the wrong is in developing DB structure.
I wish you understand me now.