Advapi [please help understand Sucurity Event logged]

Advapi seems to by accessing my computer - a search shows it is a virus - but McAffee is not catching it and a search for advapi.exe turns up nothing (even search system folders and hidden files). Also advapi.exe does not show up in running processes or boot processes.

I'm not sure what it is, but it generates events 528 and 576 like crazy. Usually these events happen in bursts - several times per hour.

From what I can tell, advapi is a legit WIN opperation. I cannot find any specific reference to this event as a virus or trojan, but I am not sure what else it could be.

This is a typical event:

 

Yeah - it appears to be legit proceses - but I do not understand why there are so many. Maybe, as suggested by the one article, I have settings that are too sensative and record various innocuous events?

 

ADVAPI Problem

I have the same ADVAPI problem on my XP loads. Does anyone know if this is a legit process? The ADVAPI process runs immediately after installing XP. I did a low level format on the drive before loading it. The computer is not connected to the internet. All security prone services were disabled during the installation.

I have a Maxtor SATA/150 PIC Card installed because my system board is 100 and the drive is ATA/133. The card has a 10 MB bios. If I have a trojan, the only place it can be living is in the card bios.

If ADVAPI is a Trojan, it's a tough one to kill....