bryanchandler

WINLOGON.EXE high cpu usage

Winlogon.exe is running at 25% CPU on my Windows SBS 2k3 SP2 server.  Researching here & the google, I found some related posts:
https://www.experts-exchange.com/questions/24312555/Winlogon-exe-High-CPU-Usage-Safe-Mode.html?sfQueryTermInfo=1+cpu+high+userenv.dl+winlogon.ex

AND

http://blogs.msdn.com/ntdebugging/archive/2008/04/10/closing-the-loop-cpu-spike-in-winlogon-exe.aspx

Process Explorer shows different threads, such as USERENV.DLL eating up the CPU for this thread.
I noticed that when I log in locally to my usual domain admin account, it seems to get worse, but when I log in as administrator it's not as bad.

I've applied a MS hotfix mentioned in the 2nd link (http://support.microsoft.com/kb/927182) and will be rebooting at 12:15 today.

Am I on the right track with this?

Shoaib Hayat

Yes, pretty much on the right track; however, I will add two things here:
1) Clear the prefetch log and then see if winlogon behaviour is the same; if not, it can be related to hardware/drivers.
2) Review the following link:
https://www.experts-exchange.com/articles/OS/Microsoft_Operating_Systems/Server/2003_Server/Troubbleshooting-Slow-Logons.html
shabhi

bryanchandler (ASKER)

Installing the hotfix (http://support.microsoft.com/kb/927182) looks to have done the trick.  Winlogon.exe no longer pegs the CPU.

Unfortunately, WINLOGON.EXE went back to running high CPU.  I need further assistance with this.
This seems to be happening when I log in via the console, i.e. when I VNC into the server or am standing in front of it.
When I log in via Remote Web Workplace, winlogon.exe doesn't seem to have a problem.

Use Process Monitor to see what exceptions are generated by the winlogon process and report back; that can lead to some result.

Did you try clearing prefetch logs?

Shabhi

Does the winlogon.exe always eat the CPU, or only during console logons/remote client logons? Does it settle down after no logon activity?

@shabhi:
I did clear the prefetch logs.

@johnb6767:
It only seems to occur when a specific username (mine) is logged into a local console session.  RDP sessions don't seem to be a problem, whatever username is being used.

HOWEVER...
I had been using the new LogMeIn Rescue feature that runs an agent continuously & allows unattended access anytime.  I observed today that when WINLOGON.EXE was acting up, the unattended agent was also pegging the CPU.
The agent ran as my username.  When I revoked unattended access & the agent stopped running, WINLOGON.EXE stopped acting up.
This has only been for the past few hours, but it seems to have been the problem.  
I'll report back tomorrow.