I was branched!

Windows XP Pro
Firewall, Anti-virus, etc.
Guest account disabled
Remote access disabled

I was hacking in Delphi when suddenly my harddrive became very active and the system sluggish. ZoneAlarm indicated high traffic and Task Manager said WinLogon was using about 80-90% of system resources!

I of course immediately locked internet traffic. I’ve scanned my system with everything I know how but still don’t know what did it. I find it hard to believe that someone randomly cracked one of my passwords (I’m a freak so they’re pretty darn long and always have at least three character classes…)

Is this a new XP issue? Has anyone else heard of this?

I am not pleased. :<

Trojan, spyware?

My girlfriend warned me of a new internet worm for windows found a few days ago. Apparently,a new windows patch takes care of it. She found the info on the net somewhere, sorry I can’t be more specific.
Could this be the trouble?
(I hope not)

Ah, there’s the problem right there ;).

Windows docs say:

Winlogon.exe - You cannot end this process from Task Manager.
•This is the process responsible for managing user logon and logoff. Moreover, Winlogon is active only when the user presses CTRL+ALT+DEL, at which point it shows the security dialog box.

Check that this app is running from C:\WINDOWS\System32\ i.e. search for it on your drive and delete any app called winlogon that is not. If you tried terminating it and it was the real one, it wouldn’t let you.

There are viruses that put winlogon.exe on your system and they screw with your internet.

Thanks for the replies.

No, XP is not a virus… :wink:

I couldn’t find what the problem. My system appears to be undamaged. I think it was a logon attack or something…

I didn’t kill WinLogon, just all incoming traffic. The fact that someone had engaged my computer somehow is just disturbing…

So I’m somewhat mystified…

Windows XP Pro Firewall

Do you mean that you’re using Windows XP Pro, and also a separate firewall? Or do you mean that you’re using the Windows XP Pro Firewall? I’ve heard that the XP firewall’s a piece of junk, so you might want to try something else if that’s what you’re using. I just downloaded the Keiro Firewall ( http://www.kerio.com/kpf_download.html ) and it looks pretty good.


Not sure, but I think i may have to disagree with you here.

Let’s define a virus as a program that replicates itself, and installs itself without your active permission or consent…
[edit] and perhaps makes active connections across the internet to report information to another user/entity… do’h windows still does that too![/edit]

It would appear that more and more computers are coming shipped with windows on it. everywhere you look, “Designed for Windows XP!”, and it is there, poof! Now, ask someone in a store about a computer without windows on it. Dull, blank expression. I think that if you sit another computer too close to a windows machine for too long, eventually the other computer becomes infected with windows. (it explains all of those computers side-by-side on the store shelves with windows on it).

installs itself without your active permission or consent. Hmm. Buy a new computer, and lo and blow holes, there is windows when you boot it up the first time. can you easily purchase a new system at the store without windows xp? (internet not included). maybe in a custom pc shop, but thats about it. your local best buy/circuit city/compusa/fnac/frys will not have one most likely…

yeah. i think winXP is a virus. Even worse, it makes people who succumb to using it less intelligent computer users. :wink: Okay, the last comment was just a jab, im just kidding. :smiley:

Perhaps it was this:

I subscribe to ZoneAlarm. (The XP firewall is a joke.)
It’s not zotob (since I’m up-to-date on all service upgrades, and it’s XP, not 2000).

I didn’t mean to start M$ bashing. I’ll agree they’re evil money-grubbers, but all the world’s computer woes don’t rest on them. Just consider CDE :stuck_out_tongue: . But seriously, if it were Apple or Sun or <your favorite company> on top, we’d think the same of them as of MS. They’re all equally rotten at the core.

As for the virus, thing, I stand by my position. :slight_smile:

Any program anywhere, named winlogon.exe, cannot be killed. The task-manager is stupid: it does not check the path!

Search your system for any other program named winlogon.*

This program has saved me many times for when Task Manager blatantly refuses to close a program.

depending on how long the stall was it could have been anything. A antivirus auto download, a moment were blender needed to grub some more memory. Anything dont assume it was a virus. The fire wall is a joke. But XP isnt that bad its the software that makes the computer. (accordingly my computer got 20 % better when I installed blender :smiley: ) delphi is a programming language right

I probably was nothing serious, as Ozone said some programs auto update(like anti virus)…plus Windows is know to start disk trashing for no apparent reason…even if it’s not online…

Yes, after even more searching about, I cannot find anything wrong with my system, and I still can’t say what it was.

My auto-updates are scheduled for 3:00am so it wasn’t that…

My best guess is that someone (or some bot) was trying to logon to my PC and being rejected…

I appreciate all the replies! You all rock! :smiley: