Winlogon.exe is the name of a legitimate program.
Unfortunately NEVEG.A WORM!, NETSKY WORMS!, BANKER-FI TROJAN!, BOBAX.AD WORM!, AUTOTROJ-C TROJAN!, STRTPAGE.BE TROJAN!, TRODAL TROJAN!, KREPPER-G TROJAN! and possibly others use this name
also. See the web page below for more information.
http://www.pcreview.co.uk/startup/index.php?file=winlogon.exe+&do=file&Submit=Submit
Winlogon.exe virus? HiJack included
http://www.castlecops.com/t182278-Winlogon_exe_virus_HiJack_included.html
The legitimate Winlogon.exe on my task manager is 4,504K.
You should only have (1) Winlogon.exe listed in the Task Manager. Its behavior indicates it is malware.
-------------------------------------------------------
If you follow all the following steps it should get rid of your problem and prevent future problems. All programs listed are free.
-------------------------------------------
Turn off system restore
http://www.sarc.com/avcenter/venc/data/w32.neveg.a@mm.html#removalinstructions
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?OpenDocument&src=sec_doc_nam
Run all scans in safe mode if possible
http://www.sarc.com/avcenter/venc/data/w32.neveg.a@mm.html#removalinstructions
---------------------------
Update your antivirus and run a full scan
If you do not have spyware protection install:
AVG Antivirus 7.5 Free Edition
http://free.grisoft.com/freeweb.php/doc/avg-anti-virus-free/lng/us/tpl/v5
or
Free antivirus - avast! 4 Home Edition
http://www.avast.com/eng/avast_4_home.html
---------------------------------------------------------
Install Windows Defender (full time spyware protection)
Perform a full scan.
http://www.microsoft.com/athome/security/spyware/software/default.mspx
---------------------------------------------------------
Install the following five programs and run weekly or at least monthly. You need all five. They are not a substitute for full time spyware and virus protection.
Install and run now.
Ad-Aware SE Personal (update + full scan)
http://www.lavasoftusa.com/products/ad-aware_se_personal.php
Spybot Search & Destroy (update + immunize + scan)
Do not enable Tea Timer and SDHelper
After installation: update + scan + immunize
http://www.safer-networking.org/en/mirrors/index.html
SpywareBlaster: Update then open and click “enable all protection”.
http://www.javacoolsoftware.com/spywareblaster.html
SUPERAntiSpyware free version: (update + scan)
http://www.superantispyware.com/
CCleaner: Do not install toolbar and recycle bin options
Set to run when computer starts.
Removes tracking cookies, unneeded files
http://www.ccleaner.com/
Note: if a scan detects a problem but is unable to remove it, start the computer in safe mode with the internet line disconnected and run a full scan.
In severe cases your system restore files will also be infected. In these cases you will need to turn off system restore to prevent malware hiding in the system restore files and reinfecting the computer during removal or during a future system restore. Turning off system restore deletes the system restore files.
Right click on "My Computer" > Properties > System Restore tab > check the box "Turn off System Restore"
After the malware is removed turn on system restore.
-------------------------------------------------------------
Run this time
Install VX2 tool for Ad-Aware and run tool
http://www.lavasoftusa.com/support/securitycenter/vx2_cleaner.php
CWShredder: run
http://www.trendmicro.com/cwshredder/
----------------------------------------------------------------------
Additional: run this time and as needed.
Microsoft OneCare Live, run “full service scan”
Updates windows, virus and spyware scan, disk cleanup, disk fragmentation (if needed), backs up registry and then cleans registry, and checks for open firewall ports
http://onecare.live.com/site/en-us/default.htm
Malicious Software Removal Tool (run “full scan”)
http://www.microsoft.com/security/malwareremove/default.mspx
-------------------------------------------------------
Rootkit Removal Guide
http://safecomputing.umn.edu/guides/scan_unhackme.html
Rootkit Removers (pick any 2 and run)
AVG Anti-Rootkit
http://www.grisoft.com/doc/products-avg-anti-rootkit-update-app-art/?ver=1.1.0.29
F-Secure BlackLight
http://www.f-secure.com/blacklight/
Sophos Anti-Rootkit
http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html
----------------------------------------------------------
Online Free Scanners:
Run Trend Micro, Kaspersky, and Panda Scan now.
Run a different one each month.
Trend Micro: HouseCall Free Scan (removes what it finds)
http://housecall.trendmicro.com/
BitDefender Online Scanner http://www.bitdefender.com/scan8/ie.html
Kaspersky Labs Online Scanner http://www.kaspersky.com/virusscanner
McAfee http://us.mcafee.com/root/mfs/default.asp?affid=294
Panda ActiveScan Free Online Scanner http://www.pandasoftware.com/products/activescan?
Symantec Online Scanner http://security.symantec.com/sscv6/ssc_eula.asp?langid=ie&venid=sym&plfid=23&pkj=ALUFRHYTINMHDKDCWLL&vc_scanstate=2
-------------------------------------------------------
Additional information to read:
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Overview
http://wiki.castlecops.com/Malware_Prevention:_Prevent_Re-infection
http://www.castlecops.com/f67-Hijackthis_Spyware_Viruses_Worms_Trojans_Oh_My.html
http://aumha.org/a/quickfix.htm
http://aumha.org/secure.htm
http://aumha.org/a/parasite.php
http://www.castlecops.com/t102301-Hijackthis_Guidelines_Read_Before_Posting.html
http://www.techsupportforum.com/security-center/hijackthis-log-help/15968-please-read-before-posting-
http://forum.aumha.org/viewtopic.php?t=4075&sid=901703d08c2ace31389ffef2d84b6607
If all else fails you will need to post a Hijackthis log.
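
An added example, not part of the original post: a PowerShell check that goes beyond counting Task Manager entries by listing every process named winlogon.exe with its session, file path and signature status, and flagging any that do not run from the System32 folder or are not validly signed by Microsoft. It assumes PowerShell 3.0 or later and an elevated prompt; it counts duplicates per session because Windows starts one winlogon.exe for each interactive logon session (Fast User Switching, Remote Desktop).

```powershell
# Added example (not from the original post). Run from an elevated prompt,
# otherwise ExecutablePath can come back empty for system processes.
$expected = Join-Path $env:SystemRoot 'System32\winlogon.exe'
$procs = @(Get-CimInstance Win32_Process -Filter "Name = 'winlogon.exe'")

$report = foreach ($p in $procs) {
    $path      = $p.ExecutablePath
    $reasons   = @()
    $sigStatus = 'n/a'

    if (-not $path) {
        $reasons += 'path unavailable (re-run elevated)'
    } else {
        # A copy anywhere other than %SystemRoot%\System32 only borrows the name.
        if ($path -ine $expected) { $reasons += 'runs from an unexpected folder' }

        $sig = Get-AuthenticodeSignature -FilePath $path
        $sigStatus = [string]$sig.Status
        if ($sig.Status -ne 'Valid') {
            # Treat this as a prompt for closer inspection, not as proof.
            $reasons += 'signature not valid'
        } elseif ($sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
            $reasons += 'signed, but not by Microsoft'
        }
    }

    # One instance per logon session is normal; two in the same session is not.
    $sameSession = @($procs | Where-Object { $_.SessionId -eq $p.SessionId }).Count
    if ($sameSession -gt 1) { $reasons += 'more than one instance in this session' }

    $verdict = if ($reasons.Count -gt 0) { 'REVIEW: ' + ($reasons -join '; ') } else { 'OK' }

    [pscustomobject]@{
        PID       = $p.ProcessId
        Session   = $p.SessionId
        Path      = $path
        Signature = $sigStatus
        Verdict   = $verdict
    }
}

$report | Format-Table -AutoSize -Wrap
```

Any row marked REVIEW is a candidate for the scans listed above; a row marked OK means only that the name, location and signature match, not that the machine is clean.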