[bigbugbag]

You can doubt but maybe direct the doubt at the ability of window to deliver a consistent experience across every machine and configuration. She's computer literate and know when she gets nagged by windows, at best it could have been that the warning came and went while she was not in front of the screen.

There was no event log or logs of any kind, her system got entirely replaced by win10. For this specific case I would tend to not trust the log anyways. What I do find strange is that the windows 10 installation process should have asked to accept the EULA before installing, it did not and went on as if it was an unattended installation.

Good luck trying to explain people that they have to forfeit their freedom because they have to behave like good citizen. Anyways windows update is barely relevant here as the common vector used for botnet infection is almost always the user, not windows vulnerability.