Apoint tries to delete c drive content

The following will shed more light on that .exe file. It is actually part of the Alps Pointing device (your touchpad). Why it tries to delete the C: drive files sounds awfully strange. Try another anti virus program scan and download and scan with Malwarebytes Free.

https://www.file.net/process/hidmonitorsvc.exe.html

https://www.neuber.com/taskmanager/process/apoint.exe.html

Is this an older system with the old style touchpad?

Are there any updates for the touchpad driver?

I am wondering if Win 10 is having a problem with an older driver which is starting up when it may not be needed.

I certainly agree, if you are seeing a request to delete the entire OS partition, that would not be good.

You might use Autoruns to see if apoint is starting up and uncheck it for testing.

Edit:  I have an older Inspiron 1545 which has the folders and drivers you mention.  But it is running Win 7.  In the Win 10 clean install version, no such folder is present.

These show the pop up that appears roughly twice a week, Task Manager showing that it's a child of the Alps Pointer process and finally the properties of that executable.

Any solutions on this

I randomly experience the exact same issue.

Latitude 5580. Windows 10 Pro.

To be honest, it's pretty ridiculous :Indifferent:

OMG, I can't believe that I found this thread. I have been fighting this thing for months. Is it a virus attached to the keypad/mouse driver? Key logger? It's been driving me insane. Glad I'm not alone.

I deleted the service, uninstalled touchpad, and took it out of startup.

Hope that does it. I'll stick with the default mouse microsoft driver.

Why the #!!!$* would there be something in that driver or service that would try to delete your whole C drive? Totally insane.

This is my favorite thread in the universe!

I had the exact same thing happen to me today for the first time. I just updated my Win10x64 Dell Precision 7510 laptop to the 1809 release of Win 10 last week.

I wonder if Dell even bothers reading this forum.

Apoint is part of the device driver package for  touchpads manufactured by Alps.

Deleting files comes from malware W32/Chir-B worm, an EXE file infector not the OEM Dell driver.

When run the virus will copy itself into the Windows system folder as runonce.exe and sets the registry entry
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Runonce

to start this new copy of the virus. This will cause the virus to be started when Windows starts up. The virus continually monitors this registry entry so
that any attempt to change or delete the entry.

The worm searches through all local and mapped drives to infect files with the following extensions:

• .htm
• .html
• .exe
• .scr

Hi, Did some research around W32/Chir-B worm, but couldn't find any mention of it trying to delete all files on a C drive.

Also, there's no HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Runonce entry in my registry or any reference to runonce.exe

Windows Defender and Malwarebytes detect no virus in  runonce.exe in windows\system32 (or in any of the other three versions of it in the Windows directory) nor do they find any viruses anywhere else on my system.

The digital signatures on apoint.exe all check out, so it appears not to be infected.

sfc /scannow also came back with no issues

So I'm really not sure why you think it's a virus and not a bug.

How do I contact support when the web site does not work? I have tried doing this several times and it is not possible for me to get the contact form to come up. I have tried with 3 different browsers. Here is Chrome: