kd> p
winlogon!WinMain+0x968:
001b:0057eabb 8945e4 mov dword ptr [ebp-1Ch],eax
kd> p
winlogon!WinMain+0x96b:
001b:0057eabe 6880175700 push offset winlogon!WLEvt_StartLogonUI_Stop (00571780)
kd> p
winlogon!WinMain+0x970:
001b:0057eac3 e863f5ffff call winlogon!WLEventWrite (0057e02b)
kd> p
winlogon!WinMain+0x975:
001b:0057eac8 397de4 cmp dword ptr [ebp-1Ch],edi
kd> p
winlogon!WinMain+0x978:
001b:0057eacb 742d je winlogon!WinMain+0x9a7 (0057eafa)
kd> p
winlogon!WinMain+0x9a7:
001b:0057eafa c705604b5b0017000000 mov dword ptr [winlogon!g_WinlogonStage (005b4b60)],17h
kd> p
winlogon!WinMain+0x9b1:
001b:0057eb04 e847200000 call winlogon!WlStateMachineInitialize (00580b50)
kd> p
winlogon!WinMain+0x9b6:
001b:0057eb09 8945e4 mov dword ptr [ebp-1Ch],eax
kd> p
winlogon!WinMain+0x9b9:
001b:0057eb0c 3bc7 cmp eax,edi
kd> p
winlogon!WinMain+0x9bb:
001b:0057eb0e 742b je winlogon!WinMain+0x9e8 (0057eb3b)
kd> p
winlogon!WinMain+0x9e8:
001b:0057eb3b c705604b5b0019000000 mov dword ptr [winlogon!g_WinlogonStage (005b4b60)],19h
kd> p
winlogon!WinMain+0x9f2:
001b:0057eb45 57 push edi
kd> p
winlogon!WinMain+0x9f3:
001b:0057eb46 68f8465b00 push offset winlogon!xGlobalContext (005b46f8)
kd> p
winlogon!WinMain+0x9f8:
001b:0057eb4b e865130000 call winlogon!WMsgClntInitialize (0057feb5)
kd> p
winlogon!WinMain+0x9fd:
001b:0057eb50 8945e4 mov dword ptr [ebp-1Ch],eax
kd> p
winlogon!WinMain+0xa00:
001b:0057eb53 3bc7 cmp eax,edi
kd> p
winlogon!WinMain+0xa02:
001b:0057eb55 742b je winlogon!WinMain+0xa2f (0057eb82)
kd> p
winlogon!WinMain+0xa2f:
001b:0057eb82 c705604b5b001a000000 mov dword ptr [winlogon!g_WinlogonStage (005b4b60)],1Ah
kd> p
winlogon!WinMain+0xa39:
001b:0057eb8c a10c405b00 mov eax,dword ptr [winlogon!WPP_GLOBAL_Control (005b400c)]
kd> p
winlogon!WinMain+0xa3e:
001b:0057eb91 3bc3 cmp eax,ebx
kd> p
winlogon!WinMain+0xa40:
001b:0057eb93 741a je winlogon!WinMain+0xa5c (0057ebaf)
kd> p
winlogon!WinMain+0xa42:
001b:0057eb95 f6401c01 test byte ptr [eax+1Ch],1
kd> p
winlogon!WinMain+0xa46:
001b:0057eb99 7414 je winlogon!WinMain+0xa5c (0057ebaf)
kd> p
winlogon!WinMain+0xa48:
001b:0057eb9b 80781905 cmp byte ptr [eax+19h],5
kd> p
winlogon!WinMain+0xa4c:
001b:0057eb9f 720e jb winlogon!WinMain+0xa5c (0057ebaf)
kd> p
winlogon!WinMain+0xa5c:
001b:0057ebaf e81d8e0200 call winlogon!StartLoadingFonts (005a79d1)
kd> p
winlogon!WinMain+0xa61:
001b:0057ebb4 8945e4 mov dword ptr [ebp-1Ch],eax
kd> p
winlogon!WinMain+0xa64:
001b:0057ebb7 3bc7 cmp eax,edi
kd> p
winlogon!WinMain+0xa66:
001b:0057ebb9 7426 je winlogon!WinMain+0xa8e (0057ebe1)
kd> p
winlogon!WinMain+0xa8e:
001b:0057ebe1 c705604b5b001b000000 mov dword ptr [winlogon!g_WinlogonStage (005b4b60)],1Bh
kd> p
winlogon!WinMain+0xa98:
001b:0057ebeb e8918b0100 call winlogon!ToInitialize (00597781)
kd> p
winlogon!WinMain+0xa9d:
001b:0057ebf0 8945e4 mov dword ptr [ebp-1Ch],eax
kd> p
winlogon!WinMain+0xaa0:
001b:0057ebf3 3bc7 cmp eax,edi
kd> p
winlogon!WinMain+0xaa2:
001b:0057ebf5 742e je winlogon!WinMain+0xad2 (0057ec25)
kd> p
winlogon!WinMain+0xad2:
001b:0057ec25 c705604b5b001c000000 mov dword ptr [winlogon!g_WinlogonStage (005b4b60)],1Ch
kd> p
winlogon!WinMain+0xadc:
001b:0057ec2f 6890175700 push offset winlogon!WLEvt_RunStateMachine_Start (00571790)
kd> p
winlogon!WinMain+0xae1:
001b:0057ec34 e8f2f3ffff call winlogon!WLEventWrite (0057e02b)
kd> p
winlogon!WinMain+0xae6:
001b:0057ec39 8d4da0 lea ecx,[ebp-60h]
kd> p
winlogon!WinMain+0xae9:
001b:0057ec3c e85ef4ffff call winlogon!Timer::Stop (0057e09f)
kd> p
winlogon!WinMain+0xaee:
001b:0057ec41 8d4da0 lea ecx,[ebp-60h]
kd> p
winlogon!WinMain+0xaf1:
001b:0057ec44 e8f0f4ffff call winlogon!Timer::ElapsedULONG (0057e139)
kd> p
winlogon!WinMain+0xaf6:
001b:0057ec49 50 push eax
kd> p
winlogon!WinMain+0xaf7:
001b:0057ec4a 6805190000 push 1905h
kd> p
winlogon!WinMain+0xafc:
001b:0057ec4f 57 push edi
kd> p
winlogon!WinMain+0xafd:
001b:0057ec50 e845f10100 call winlogon!WinSqmSetDWORD (0059dd9a)
kd> p
winlogon!WinMain+0xb02:
001b:0057ec55 8d45dc lea eax,[ebp-24h]
kd> p
winlogon!WinMain+0xb05:
001b:0057ec58 50 push eax
kd> p
winlogon!WinMain+0xb06:
001b:0057ec59 68f8465b00 push offset winlogon!xGlobalContext (005b46f8)
kd> p
winlogon!WinMain+0xb0b:
001b:0057ec5e e83f1f0000 call winlogon!WlStateMachineRun (00580ba2)