Is Windows 10 Malware?

Joined
Feb 18, 2016
Messages
2,835
Reaction score
631
Strange overnight events Windows 10 Pro.
Logged on this morning using my standard user account OK, no problems. I signed out, and logged back in using my Local Administrator account. The start up screen welcomed me with a notification message that an app had changed my profile to a temporary profile, followed by the spinning wheel and another message that said "Preparing Windows" as if it was a new install.

When the log in screen appeared, there was this Windows message that said:
"We can't sign you into your account
This problem can often be fixed by signing out of your account
and signing back IN. If you don't sign out now any files you create
or changes you make will be lost"

SIGN OUT or DISMISS


I chose to dismiss. My desktop display appeared but it was a Win 10 install default screen, then a notification that my default browser was changed to MS Edge. The start screen menu had also changed to Windows install default?
Rather than dig around and possibly create other problems, I performed an automatic windows restore back to the last update install Aug. 23. Everything was restored back to the way I set up my local admin account, including my customized start menu.
This glitch only affected my local admin account which I seldom use, my local user account wasn't affected?

I think that Windows 10 and their control has become malware to most, if not all, users.
 

Trouble

Noob Whisperer
Moderator
Joined
Nov 19, 2013
Messages
13,411
Reaction score
2,319
I can tell you that the problem you just went through has been around for a very long time..... since Vista (at least) if not earlier.
When and if it happens again check the registry editor here
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Chances are that you will notice a duplicate profile SID with a .bak extension (which is your actual, real, profile) and the other one with the matching SID without the .bak extension is the current temporary profile that was produced when the glitch occurred.

Signing out might have been the better choice to see if that would have then allowed you to sign back in and magically received your real profile back again.
Your decision to revert to a System Restore point was absolutely a good second choice as that would have reverted the Windows Registry to that particular point in time.

In the past, where the problem has been persistent and every subsequent login was a "temporary" profile and your solution of a System Restore was not an option for one reason or another, I found that.....
Identifying the problem profile by observing the two instances

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-395427749-2610903506-180557256-1001
AND
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-395427749-2610903506-180557256-1001.bak

Renaming the profile, without the .bak extension to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-395427749-2610903506-180557256-1001.SAV
AND then
Renaming the profile, with the .bak extension to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-395427749-2610903506-180557256-1001
By simply removing the .bak extension usually resolved the problem

Of course you want to examine the "ProfileImagePath" value in the right pane of the registry editor and confirm that it is pointing to the proper location C:\Users\YourUserName
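
The check described in the post above can be scripted. The following is an added example, not part of any post in this thread: a read-only PowerShell report that lists every ProfileList SID with a `.bak` twin and shows each key's ProfileImagePath for comparison. The function names are hypothetical, and nothing in the registry is renamed or modified.

```powershell
# Added example: read-only report of ProfileList SIDs that have a ".bak" twin.
# Function names are hypothetical. Nothing in the registry is modified.
$ProfileList = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'

function Resolve-SidName {
    param([string]$Sid)
    try {
        $obj = New-Object System.Security.Principal.SecurityIdentifier($Sid)
        $obj.Translate([System.Security.Principal.NTAccount]).Value
    } catch {
        '<unresolved>'   # orphaned or malformed SID
    }
}

function Get-ProfileKeyInfo {
    param([string]$KeyName)
    $path = "$ProfileList\$KeyName"
    if (-not (Test-Path -LiteralPath $path)) { return $null }
    $image = (Get-ItemProperty -LiteralPath $path).ProfileImagePath
    [pscustomobject]@{
        Key              = $KeyName
        ProfileImagePath = $image
        # True only when the folder the key points to is actually on disk
        FolderExists     = [bool]($image -and (Test-Path -LiteralPath $image))
    }
}

function Get-BakProfilePair {
    Get-ChildItem -LiteralPath $ProfileList |
        Where-Object { $_.PSChildName -like '*.bak' } |
        ForEach-Object {
            $sid  = $_.PSChildName -replace '\.bak$', ''
            $bak  = Get-ProfileKeyInfo -KeyName $_.PSChildName
            $live = Get-ProfileKeyInfo -KeyName $sid
            [pscustomobject]@{
                Sid         = $sid
                Account     = Resolve-SidName -Sid $sid
                BakPath     = $bak.ProfileImagePath   # per the post: the real profile
                BakFolderOk = $bak.FolderExists
                HasLiveTwin = [bool]$live             # same SID without .bak also present
                LivePath    = if ($live) { $live.ProfileImagePath } else { $null }
            }
        }
}

$pairs = @(Get-BakProfilePair)
if ($pairs.Count -eq 0) { 'No .bak entries under ProfileList.' }
else { $pairs | Format-List }
```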
 
Joined
Feb 18, 2016
Messages
2,835
Reaction score
631
Trouble thanks again for your wisdom.
I checked the overnight Windows Event logs even though I was logged out there were 2 entries that concerned me.
1. Win Logon; event ID 7002; Task Category 1102
2. Service control Manager, event ID 7040; Task Category None

Followed by Windows Update Client event ID 44 Task Category Windows Update Agent. This would have been generated when I logged on this morning.

Question: Why! Why! and why did it target just the local Administrator account? To take away control from my local user account? We'll never know, and also never know just what MS is trying to accomplish. Maybe they are angry at users that don't have a MS account?

Everything appears normal after the restore (surprised that wasn't deleted) to an earlier time and date.
 
Joined
Feb 18, 2016
Messages
2,835
Reaction score
631
Update.
I'm done with Windows 10 at least until the end of the month, It's gobbling up my internet bandwidth. Since 9:00 AM this morning it's consumed 3GB of data, all I have visited is this forum and checked my mail, no downloads.
There is no way a user can consume that amount of bandwidth in less than 6hrs with just browsing.
I think MS is using my machine as an update server, even though it's turned OFF in advanced delivery settings.

What happened last night (changing my profile), as explained above, is inexcusable. When I signed OFF the forum this AM I also signed off my PC as a user. I happened to notice that the modem/router LED activity was going nuts, as if I was downloading. I disconnected the modem, and checked my data; it showed a 3 GB increase in less than an hour. Most likely background apps? I checked for updates and it said my machine is up to date, the last update was Aug. 23.
 

Regedit32

Moderator
Joined
Mar 4, 2016
Messages
3,617
Reaction score
1,139
Cheer up Norton.

Worst case scenario — you end up with a groovy paper weight which you can use to hold your notepad open while you hand write 3 GB's worth of notes into. Do you still have a Postal Service for delivering messages?

:rolleyes:
 
Joined
Feb 18, 2016
Messages
2,835
Reaction score
631
Done finished with Win 10 until they clean up their act, not my bandwidth. I think you would agree that 15.2 GB data in 5 days is data highway robbery. No games, YouTube, Netflix, just browsing and email. Currently back using Windows 7. But I'll still visit Ya!
 
