What is it?
Windows Logon Process - Winlogon.exe What does it do?
Direct Quote from here
is the process responsible for managing user logon and logoff.
Moreover, Winlogon is active only when the user presses CTRL+ALT+DEL,
at which point it shows the security dialog box.
Search MS for more info: Link Virus Precaution: The original Winlogon.exe from Microsoft gets placed in the C:WINDOWSSystem32 directory.
if you find it anywhere else then you should be suspicious for sure.
You'll want to keep an eye on this google search
for any known viruses. We've been able to find only 1 report of a virus so far.
Troj/Madr-B @ Sophos
Netsky.D @ Trend Micro