I've found out that the winlogon thread [winlogon.exe+0x39156] uses 50% [or little less 49.90...].
The workstation seems to be clean from spyware, worms or viruses. The winlogon.exe is the right one [from XP SP2].
If I kill the thread, it reappears after a second. The only "strange" [except the 50% cpu usage !] thing about this thread is the amount of context switching [about 300 per seconds].
Does someone have any idea to solve it ?