Question : Windows XP Home SP3 & WinLogon.exe

Today a laptop was dropped off with me that appears to be acting a little weird.
Symptoms: WinLogon.exe is using 100% of the processor, machine is running very slow and keeps locking up.

My first guess to this was this machine must have a virus or spyware. I pulled the hard drive out, plug it into another machine that is running correctly,and ran a virus scanner and spyware cleaners. A couple of minor bugs were found, but nothing real serious. (Virus scan was ran with Avast, and spyware was ran with SuperAntiSpyware, Adaware, and S&D).

Plugged the drive back into this laptop, booted it up, same problem. WinLogon.exe is using 100% of the processor.

Loaded into Safe mode: Same problem
Used system restore: Same problem
Created a new user account: Same Problem
Ran MSCONFIG, shut off everything (diag mode): Same Problem

I would prefer to try and correct the problem with out having to re-load windows. I am working on getting a friend of mine to send me a copy of his WinLogon.exe from his system (he is running the same ver. of windows w/ sp3), Not sure if I will be able to over-write the current file or not, and not really sure that if I do succeed in over-writting the file, if windows will boot back up correctly.

Short of doing a re-install of windows, would anyone have any other suggestions. If so, please be through in the steps to complete your recommended process.

Thanks.

Answer : Windows XP Home SP3 & WinLogon.exe

There is a way to kill it, you use Sysinternals Process Explorer, found on Microsoft's Technet Site. Here is the link: http://technet.microsoft.com/en-us/sysinternals/default.aspx

You can try replacing the file using Microsoft's Windows File Checker. Get to the Command Prompt, then type without quotation marks the following command. "SFC /scannow" This will make sure that any important system file hasn't been tampered with.
The entire article about it is found here: http://www.microsoft.com/whdc/archive/wfp.mspx#ELD

If the above doesnt help, try using Sysinternals RootkitRevealer. There could be a rootkit attached to Winlogon.exe which explains its maxed out CPU usage. Then I recomend using ESET's NOD32 to scan the system, since it has the most advanced heuristics of any antivirus scanner I have come across. This will most likely find any malware still on the computer, assuming it is actually malware causing the problem and not Winlogon.exe hanging on an instruction.

Hope this helps.

Random Solutions

best dvd ripper!

forum aggregator search site

Unable to access LAN

Manual move of mailboxes

why JDK and JRE must be same version Can we mix and match

Limited users can not burn CD programatically

multiple Itunes music folder

Split Windows Backup Files

How to trap the error in datawindow itemchanged event and clicked event?

WinDBG - Need Help Using