Something keeps changing my computer name to Administrator

Question

One of the pc's in my network keeps changing it's name to Administrator. If I change it back to what I need it to be and restart, it works but only until the next restart where something changes it back to Administrator. None of my other computers are affected by this. It seems quite suspicious. All my pc's are running windows 10.

Answer 1

Hello Mr. Greg,

It's pleasure to talk to you,

Same issue here exactly:

The computer renames automatically to "Administrator", I am sure it's a virus, even I have the following issues accordingly,

• Windows Search service won't start (keeps trying but fail), means file indexing stopped working which leads to slow file browsing.
• Windows defender won't help, the status of antivirus is green, but once I start scanning computer, its counting to 13 files then stuck and stop immediately,

What I've tried:

1- Tried another antivirus like bitDefender and ESET Node.

2- Stopped all unknown startup programs.

3- Starts the computer on safe mode and scan the computer.

4- Starts Microsoft defender antivirus (offline scan)

all above steps fails,

So, after my private investigation, I found the virus name is "__PSScriptPolicyTest_twoyiqyz.bga.ps1" which is generated in %temp% temporary,

after starting the computer in about 15-20 minutes, starts making some execution and then a PowerShell windows pops up and disappear, after monitoring it, i found it executing the following command:

"powershell.exe" -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\Windows\System32\C67C3E38-6391-4014-87CD-3B18A95CBE1E.ps1"

The whole execution procedure is captured on the following path:

Download

"Logfile.CSV"

looking forward to your kindest reply,

Kindest regard

Sadiq Aldawas

Answer 2

Hi Bennie. I'm Greg, 10 years awarded Windows MVP, here to help you.

Likely a corrupted account. Test for account corruption by creating a new Local account to see if the problem goes away. Step-by-step instructions here: https://www.groovypost.com/howto/create-local-a...

Make it an Administrator account if you want user to be able to make changes: https://www.digitalcitizen.life/change-type-use...

Sign into the new account, test it works correctly, if so move files over, test all apps work or reinstall any that don't. Then when ready delete the old account in Settings > Accounts > Family & Other Users.

You can then change the new account to the Microsoft account if desired:

https://www.tenforums.com/tutorials/5375-switch...

Feel free to ask back any questions. Based on detailed results you post back I will have other suggestions if necessary.

______________________________________________

Standard Disclaimer: There are links to non-Microsoft websites. The pages appear to be providing accurate, safe information. Watch out for ads on the sites that may advertise products frequently classified as a PUP (Potentially Unwanted Products). Thoroughly research any product advertised on the sites before you decide to download and install it.

Answer 3

I'm glad to help, Bennie.

Keep me posted on your progress as I will be here to help until the case is resolved.

Answer 4

Hi Greg,

Thank you for the fast reply and suggestion. I will try it and report back.