Win32:Malware-gen showing in memory object searchindexer.exe

Avast scan shows this:

"Process 4084 [searchindexer.exe], memory block 0x0000000001000000, block size 450560 (searchindexer.exe)
Severity: High
Status: Threat:Win32:Malware-gen

There are no action options available (probably because it is a memory object).
Scans of the source file “searchindexer.exe” and related files by uploads to virustotal.com show no infection.
Scans of memory by Malwarebytes shows no infection.
Total system scans by Malwarebytes and Hitman Pro show no infection.

Do you think this is a FP, or could it be a rootkit? What are my options?

Thanks!

At the moment I would not recommend the memory scan as it is throwing up false positives

Searchindexers behaviour is suspect - unless you know what the programme is. But in this case it is legit

You can do a boot time scan to ensure the safety,coz I dont think search indexer load the "un encrypted "signature to the memory since it doesnt use them.

Essexboy, thanks.

Superhacker, can you elaborate on this: "I dont think search indexer load the "un encrypted “signature to the memory since it doesnt use them.” I’m not understanding.

Okay in the easy way here is the story:
Suppose there is an antivirus called ‘whatever’ and the maker of this antivirus develop the database of this antivirus,the DB contain digital signatures for piece of code of the malware or a checksum digest like md5 so if the program’whatever’ loads its DB which not encrypted “like the case of windows defender and MSE” avast will see the unencrypted signature and think it is a real virus.
Nothing wrong with avast the wrong is in developing DB structure.
I wish you understand me now.

Processes can be checked here. e.g. in this case: http://www.backgroundtask.eu/Systeemtaken/taakinfo/8700/SearchIndexer.exe/

polonus

Superhacker, understood!

Polonus, thanks!