Multiple Winlogons Analyzed With Hookshark
mcertini
May 29th, 2012, 00:31
A few days ago I noted multiple Winlogons in my task manager.  It was a concern to see this though I did not know if it was a problem or not.  After loading Hookshark I noted that this file had multiple hardware break point hooks.  I noted also today that I do not have two Winlogons running which causes me to wonder why I am not seeing this.
On my computer I have a custom application that was built to patch memory addresses to expand virtual memory beyond Windows' allocation.  I do not think this would have anything to do with a login.  Does anyone out there know why I would have multiple logins?
Extremist
May 29th, 2012, 17:16
Multiple windows stations would do that (multiple users, remote desktops, etc.)
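The point in the reply above is that each interactive window station / logon session (console, RDP, fast-user-switch) gets its own winlogon.exe, so the first thing to do is count sessions and match each winlogon instance to one. The following PowerShell script is an added example for that check; it is not code posted in this thread, and the sanity checks it applies (image path under System32, parent is smss.exe or already gone, valid Authenticode signature, session ID present in `query session` output) are assumptions about a normal Vista/7-era system, not anything the thread states.

```powershell
# Added example (not from the thread): correlate every winlogon.exe with a logon session.
# Run from an elevated PowerShell prompt on Windows Vista/7 or later.

$expectedPath = Join-Path $env:SystemRoot 'System32\winlogon.exe'

# All winlogon.exe processes, with the session each one belongs to.
$winlogons = Get-CimInstance Win32_Process -Filter "Name = 'winlogon.exe'" |
    Select-Object ProcessId, ParentProcessId, SessionId, ExecutablePath, CreationDate

# Sessions known to the terminal services layer ("services 0", "console 1", "rdp-tcp#N", ...).
$sessionLines = @(query session 2>$null)

Write-Output "winlogon.exe instances: $($winlogons.Count)"
$winlogons | Format-Table -AutoSize | Out-String | Write-Output
Write-Output "Logon sessions:"
$sessionLines | Write-Output

foreach ($p in $winlogons) {
    $flags = @()

    # 1. The real binary lives in %SystemRoot%\System32.
    if ($p.ExecutablePath -and ($p.ExecutablePath -ne $expectedPath)) {
        $flags += "unexpected image path '$($p.ExecutablePath)'"
    }

    # 2. winlogon is started by a per-session smss.exe that exits right away,
    #    so the parent is normally gone; if it is still alive it should be smss.exe.
    $parent = Get-CimInstance Win32_Process -Filter "ProcessId = $($p.ParentProcessId)" -ErrorAction SilentlyContinue
    if ($parent -and ($parent.Name -ne 'smss.exe')) {
        $flags += "live parent is '$($parent.Name)' (PID $($parent.ProcessId)), not smss.exe"
    }

    # 3. The image should carry a valid Microsoft Authenticode signature.
    if ($p.ExecutablePath -and (Test-Path $p.ExecutablePath)) {
        $sig = Get-AuthenticodeSignature -FilePath $p.ExecutablePath
        if ($sig.Status -ne 'Valid') {
            $flags += "signature status '$($sig.Status)'"
        }
    }

    # 4. Each instance should map to a session ID that 'query session' also lists.
    #    The ID column is a number surrounded by whitespace on its line.
    $matched = @($sessionLines | Where-Object { $_ -match "\s$($p.SessionId)\s" })
    if ($matched.Count -eq 0) {
        $flags += "no logon session with ID $($p.SessionId) reported by 'query session'"
    }

    if ($flags.Count -eq 0) {
        Write-Output ("PID {0} (session {1}): consistent with a normal logon session" -f $p.ProcessId, $p.SessionId)
    } else {
        Write-Output ("PID {0} (session {1}): REVIEW - {2}" -f $p.ProcessId, $p.SessionId, ($flags -join '; '))
    }
}
```

Two winlogon.exe entries that both pass every check and correspond to, say, session 1 (console) and a disconnected rdp-tcp session are the benign case from the reply above; an instance with an odd image path, a live non-smss parent, or a session ID nothing else knows about is what would justify the deeper look with a debugger that later posts in the thread suggest.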
mcertini
May 29th, 2012, 19:23
Extremist,
Thank you for your reply.  Would this occur with a Windows 7 operating system running a Windows XP shell or Windows Virtual PC?  Though if this was the case I would currently see two Winlogons, and I do not.  I just opened Windows Virtual PC and do not see multiple Winlogons.  You would expect this process to continue.
My computer is a stand-alone desktop PC which is hard-wired to a router and then to a cable modem.  I am not using multiple desktops or multiple users.
I'm confused.
Extremist
May 30th, 2012, 19:02
If you have no remote sessions or multiple users, the pendulum swings more towards malware.  Still, if I remember correctly, there may be other legitimate explanations.  There's no quick answer.  If anti-malware scans don't turn up anything, I'd first try to kill those processes and see what happens.  I'd also check them out in detail with a kernel debugger.  No guarantees, of course.  If I'm not 100% on anything, I'd reformat and reinstall (and these days even this isn't entirely foolproof).  (BTW, "Reservoir Dogs" is a good example of what could happen when you're not 100% on something.)
Maximus
June 3rd, 2012, 03:20
Quote:
Originally posted by Extremist: "I'd reformat and reinstall (and these days even this isn't entirely foolproof)"
Do it safely like this:
1) Insert the Windows CD and reboot FROM the CD.
2) Select 'install new', 'do not recover install', go to the partition manager and REMOVE the C partition.
3) Say install on unformatted C, say yes all the time and go on installing.
For the multiple user problem, essentially you are 95% backdoored in my opinion. Unless you have logged in with different users on the same machine OR you execute some special application that needs to run as a separate user... but that's a very special need.
Ah, don't even bother thinking that AVs will safely remove your viruses... imho burn all & restart is the only way.
deepzero
June 3rd, 2012, 04:22
+1, shouldn't be too much trouble, as it's a VM anyway.
What program are you using in the screenshot?