Paul Vernon posted an interesting item on CF Talk regarding a memory leak on a Windows 2003 server running SP 1. His contention was that when you log on to a Win3k server that is running Coldfusion using terminal services, then log off again, the memory is not being released from the "winlogon" process. Over time the memory usage builds up into the hundreds of megabytes causing a resource utilization issue. We've seen this as well, although I do not think it has anything to do with Coldfusion. I imagine that other 3rd party server applications would cause the same behavior. In any case, I reviewed his fix and it seems to work splendidly. Here's some more information.
Until recently his fix had been a reboot. Then he discovered that logging onto the server from the console (instead of through Terminal services) cleared out the memory in winlogon.exe. This was still not ideal because he had to physically go to the server. Luckily he found another fix.
The terminal services client is a program called mstsc.exe. Using the switch "/console" you can force the client to log you in as if you were on the console. Here's the "quick start" version of how to get this done. Open "start-->Run" and type in mstsc /console. You will see the usual dialog box that allows you to enter an IP address or host address. Enter the name of the server and log in as you usually would. You will see that the memory usage has been flushed back to the normal range of between 4 and 16 megs (depending on sessions). This seems to work splendidly.
If you are like me you save your settings in an "RDP file. You may be used to clicking directly on the RDP file instead of opening mstsc. An RDP file is really a text file and the save as dialog box just creates a shortcut mstsc using the file as an argument. If you open the file in notepad you will see something like this.
One more thing. The console mode allows you to adjust the video resolution and it will affect the resolution of someone subsequently logging in at the monitor that is physically at the server. If you don't know the monitor setup don't change this item. Ostensibly you could make it difficult for someone to see the screen by making the settings incompatible.
Here's Paul Vernon's own take on this issue.
Winlogon.exe and CFMX