![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 9%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGI%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 15%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 86%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJN%3C/text%3E%3C/svg%3E)
Hi Gabriela Ibarra,
As far as I know, the path you shared under ProgramData\Microsoft\Windows\Containers and the PowerShell output you included are related to Windows container base images and device instance identifiers. These are normal system artifacts used by Windows for virtualization and application isolation, and they do not by themselves indicate that someone has ownership of your computer.
That said, if you suspect unauthorized access, the most important step is to ensure the integrity and security of your system. I recommend disconnecting the machine from the network until you can verify its state. Next, run a full malware and security scan using Microsoft Defender or another trusted security solution. If you continue to see suspicious behavior, consider performing a clean reinstall of Windows 10 or Windows 11 to ensure that no unauthorized accounts or policies remain.
Regarding the “Other User” or unexpected account prompts, these can appear if the system was previously joined to a domain or configured with enterprise policies. In such cases, a clean reinstall with a local account setup is the most reliable way to regain control. If you enable the built-in Administrator account using net user administrator /active:yes, the default password is blank unless one was set earlier, so you can usually log in without entering a password.
In summary, the files and identifiers you listed are part of Windows internals, but the safest course of action when you suspect compromise is to back up your data, reinstall the operating system, and reapply security updates. This ensures you have a trusted baseline.
I hope this explanation clarifies what you are seeing. If you find this answer helpful, please consider clicking Accept Answer so I know your concern has been resolved.
Jason.