What is 'Advapi'?

Thelps · Mar 11, 2018

What is Advapi?

It's all over the place in the windows event logs.

Most search-engine research yields vague results that are only contextual to the very specific log-output posted by that user.

Could someone provide a more in-depth, complete explanation as to what advapi does, in all contexts of its usage?

ram1220 · Mar 11, 2018

You are probably infected with a virus.
http://www.processlibrary.com/en/directory/files/advapi/21300/

bassfisher6522 · Mar 11, 2018

If that's the case .....download and run Malwarebytes immediately. Then download and run Ccleaner.

davehc · Mar 12, 2018

If you google, the comments are a minefield. It can be a legit operation controlled by MS. No harm, though, in running a scan. I am honestly not sure if an antivirus program can pick up on an entry in the logs though.
You could clear out the event viewer and watch for the item to reappear?
I have hundreds of them, and have had for a long time. Most certainly not a virus in my case.
They seem to dwell in particular, in the WinSxS folder.
It has been around for a very long time. Quickest definition I have read is:

Advapi is a Windows file. connected with the Dynamic Link Library. The associated files are needed by programs or web browser extensions, because they contain program code, data, and resources

Thelps · Mar 12, 2018

It isn't listed under Processes in Task Manager.

A search of the main drive doesn't produce any results for 'Advapi.exe'. Do these searches include hidden folders/directories?

Could anyone here explain surefire ways in which I could detect malware/viruses/remote connections etc. to my PC?

It seems I spend so much time protecting my privacy, my work, my anonymity online that my productivity is basically nothing or just a nuisance to everybody.

davehc · Mar 12, 2018

There is no *.exe. It is a Microsoft *dll file.

Thelps · Mar 12, 2018

davehc said:
There is no *.exe. It is a Microsoft *dll file.

I know about Advapi.dll.

Any further information?

ram1220 · Mar 15, 2018

davehc said:
If you google, the comments are a minefield. It can be a legit operation controlled by MS. No harm, though, in running a scan. I am honestly not sure if an antivirus program can pick up on an entry in the logs though.
You could clear out the event viewer and watch for the item to reappear?
I have hundreds of them, and have had for a long time. Most certainly not a virus in my case.
They seem to dwell in particular, in the WinSxS folder.
It has been around for a very long time. Quickest definition I have read is:

Advapi is a Windows file. connected with the Dynamic Link Library. The associated files are needed by programs or web browser extensions, because they contain program code, data, and resources

Maybe so but what I am reading is that the virus attaches itself to the Advapi file. The OP still needs to run a virus scan and then Malwarebytes as soon as possible.