Here is out put from !stacks, !locks & !analyze -hang
kd> !stacks
Proc.Thread .Thread Ticks ThreadState Blocker
Max cache size is : 1048576 bytes (0x400 KB)
Total memory in cache : 0 bytes (0 KB)
Number of regions cached: 0
0 full reads broken into 0 partial reads
counts: 0 cached/0 uncached, 0.00% cached
bytes : 0 cached/0 uncached, 0.00% cached
** Prototype PTEs are implicitly decoded
[82d58830 System]
4.000584 82a91da8 006016c Blocked MRxVPC+0x8c94
4.000588 82a91b30 006016c Blocked MRxVPC+0x8c94
4.00058c 82a918b8 006016c Blocked MRxVPC+0x8c94
4.000204 82a61da8 00020ae Blocked HTTP!UlpScavengerThread+0x5d
[82b6c880 smss.exe]
[82b7e020 csrss.exe]
200.000210 82b88578 0000bff Blocked nt!KiFastCallEntry+0xf8
200.000228 82c69430 00000da Blocked win32k!NtUserScrollDC+0x11
200.00023c 82b6a558 00000d2 Blocked win32k!TimersProc+0x10
200.000240 82b6a2e0 0000443 Blocked win32k!xxxMsgWaitForMultipleObjects+0xb0
[82c0d540 winlogon.exe]
218.000238 82c69920 0000555 Blocked nt!KiFastCallEntry+0xf8
218.000264 82b823f0 0000ae1 Blocked nt!KiFastCallEntry+0xf8
218.0006a8 82ba52a0 0000adb Blocked nt!KiFastCallEntry+0xf8
[82c05928 services.exe]
268.0002ac 82c40b30 0000aea Blocked nt!KiFastCallEntry+0xf8
268.00056c 82a41bb0 0000508 Blocked nt!KiFastCallEntry+0xf8
268.000654 82b6eb30 000029e Blocked nt!KiFastCallEntry+0xf8
268.0001d0 82b6e8b8 0000508 Blocked nt!KiFastCallEntry+0xf8
[82b7d450 lsass.exe]
274.000288 82c09da8 0000952 Blocked nt!KiFastCallEntry+0xf8
274.00028c 82c09b30 0000952 Blocked nt!KiFastCallEntry+0xf8
274.0002a4 82b87190 0000768 Blocked nt!KiFastCallEntry+0xf8
274.0002b8 82c40158 00000bc Blocked nt!KiFastCallEntry+0xf8
274.000664 82a7aaf0 0000031 Blocked nt!KiFastCallEntry+0xf8
274.000468 82ac3740 00000bc Blocked nt!KiFastCallEntry+0xf8
[82b143c0 svchost.exe]
310.0000d0 82a19b30 00006e7 Blocked nt!KiFastCallEntry+0xf8
310.000798 82a31020 00006e7 Blocked nt!KiFastCallEntry+0xf8
310.0007cc 82a4b3f0 00003fe Blocked nt!KiFastCallEntry+0xf8
310.000678 82a68aa8 00006e7 Blocked nt!KiFastCallEntry+0xf8
[82ae2320 svchost.exe]
340.000348 82ae2020 00002ab Blocked nt!KiFastCallEntry+0xf8
340.000350 82ae1da8 0000c46 Blocked nt!KiFastCallEntry+0xf8
340.0005e8 82aa9020 00000ee Blocked nt!KiFastCallEntry+0xf8
340.000768 82aab020 00000ed Blocked nt!KiFastCallEntry+0xf8
[82adc020 svchost.exe]
38c.00039c 82ad8650 00008f2 Blocked nt!KiFastCallEntry+0xf8
38c.000484 82ab3020 0000427 Blocked nt!KiFastCallEntry+0xf8
38c.0004ac 82aad838 00000bc Blocked nt!KiFastCallEntry+0xf8
38c.0004b8 82ab0020 00008b2 Blocked nt!KiFastCallEntry+0xf8
38c.0004c4 82ab0368 00008b0 Blocked nt!KiFastCallEntry+0xf8
38c.000500 82a9c788 0000367 Blocked nt!KiFastCallEntry+0xf8
38c.00050c 82a9bda8 000052e Blocked nt!KiFastCallEntry+0xf8
38c.0003a4 82a01da8 0000a32 Blocked nt!KiFastCallEntry+0xf8
38c.000618 82a13020 0000aea Blocked nt!KiFastCallEntry+0xf8
38c.000630 82c7e778 0000b00 Blocked nt!KiFastCallEntry+0xf8
38c.000644 82a928b8 0000024 Blocked nt!KiFastCallEntry+0xf8
38c.0002ec 82a92020 00000bc Blocked nt!KiFastCallEntry+0xf8
38c.000134 82b6e640 0000aea Blocked nt!KiFastCallEntry+0xf8
38c.0007c8 82adbda8 0000150 Blocked win32k!NtUserCallNoParam+0xc
[82ad6488 svchost.exe]
[82ac8020 svchost.exe]
410.00022c 82a61328 0000767 Blocked nt!KiFastCallEntry+0xf8
[82ab0858 spoolsv.exe]
[82a98638 vmsrvc.exe]
540.000558 82a94570 000046e Blocked nt!KiFastCallEntry+0xf8
[82a4e8b0 vpcmap.exe]
68c.0006c0 82a4c1e8 00000b9 Blocked nt!KiFastCallEntry+0xf8
[82a41928 explorer.exe]
720.000450 82ba5020 00000bc Blocked nt!KiFastCallEntry+0xf8
720.000670 82ac49c8 00000ba Blocked nt!KiFastCallEntry+0xf8
720.0001a8 82a0a020 00000ed Blocked nt!KiFastCallEntry+0xf8
720.0002fc 82abe070 00000bc Blocked nt!KiFastCallEntry+0xf8
[82a26b30 vmusrvc.exe]
7b0.000248 82bbd370 0000c70 Blocked nt!KiFastCallEntry+0xf8
7b0.0000f8 82aab900 00000ee Blocked nt!KiFastCallEntry+0xf8
7b0.000738 82a85b40 0000c6f Blocked nt!KiFastCallEntry+0xf8
7b0.00070c 82a44398 0000c70 Blocked nt!KiFastCallEntry+0xf8
[82a25aa0 ctfmon.exe]
[82a73b38 alg.exe]
10c.000128 82a6f958 00004a4 Blocked nt!KiFastCallEntry+0xf8
[82a659d0 wmiprvse.exe]
[82be9a60 cmd.exe]
[82a69490 sc.exe]
[82a7b020 prac.exe]
[82ac7da0 prac.exe]
[82a65110 prac.exe]
[82a76ca8 scanuser.exe]
[82a63cf8 prac.exe]
[82a2f020 sc.exe]
[82acd020 sc.exe]
[82c08cb0 prac.exe]
[82a19020 sc.exe]
[82a9a020 sc.exe]
[82a3e778 scanuser.exe]
[82a48020 WINWORD.EXE]
[82a19780 agentsvr.exe]
[82b14020 notepad.exe]
[82b68640 wordpad.exe]
[82a64020 scanuser.exe]
[82a6ebc0 WINWORD.EXE]
[82ac7020 notepad.exe]
[82a60da0 wordpad.exe]
[82ac7698 sc.exe]
[82a68828 sc.exe]
[82adbb28 scanuser.exe]
478.0005a4 82adb8b0 0000bfc Blocked nt!KiFastCallEntry+0xf8
[82ada020 WINWORD.EXE]
6b8.00067c 82adada8 0000bfc Blocked fltMgr!FltSendMessage+0x149
Threads Processed: 279
Max cache size is : 1048576 bytes (0x400 KB)
Total memory in cache : 0 bytes (0 KB)
Number of regions cached: 0
0 full reads broken into 0 partial reads
counts: 0 cached/0 uncached, 0.00% cached
bytes : 0 cached/0 uncached, 0.00% cached
** Transition PTEs are implicitly decoded
** Prototype PTEs are implicitly decoded
kd> !locks
**** DUMP OF ALL RESOURCE OBJECTS ****
KD: Scanning for held locks…
Resource @ 0x82bd3560 Exclusively owned
Contention Count = 71700
NumberOfExclusiveWaiters = 3
Threads: 82adada8-01<*>
Threads Waiting On Exclusive Access:
82adbda8 82c69430 82b6a558
KD: Scanning for held locks…
Resource @ 0x82b64040 Shared 1 owning threads
Threads: 82d553cb-01<*> *** Actual Thread 82d553c8
4032 total locks, 2 locks currently held
kd> !analyze -hang
Connected to Windows XP 2600 x86 compatible target, ptr64 FALSE
Loading Kernel Symbols
…
Loading User Symbols
Loading unloaded module list
…
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 0, {0, 0, 0, 0}
Scanning for threads blocked on locks …
Probably caused by : scanner.sys ( scanner!AddToListReg+257 )
Followup: MachineOwner
kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Unknown bugcheck code (0)
Unknown bugcheck description
Arguments:
Arg1: 00000000
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000
Debugging Details:
PROCESS_NAME: Idle
FAULTING_IP:
nt!RtlpBreakWithStatusInstruction+0
804e3592 cc int 3
EXCEPTION_RECORD: ffffffff – (.exr 0xffffffffffffffff)
ExceptionAddress: 804e3592 (nt!RtlpBreakWithStatusInstruction)
ExceptionCode: 80000003 (Break instruction exception)
ExceptionFlags: 00000000
NumberParameters: 3
Parameter[0]: 00000000
Parameter[1]: 8055142c
Parameter[2]: 000003f8
ERROR_CODE: (NTSTATUS) 0x80000003 - {EXCEPTION} Breakpoint A breakpoint has been reached.
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x0
STACK_TEXT:
8055034c 804e3324 00000001 00000002 00000030 nt!RtlpBreakWithStatusInstruction
8055034c 806f2742 00000001 00000002 00000030 nt!KeUpdateSystemTime+0x165
805503d0 804dbb37 00000000 0000000e 00000000 hal!HalProcessorIdle+0x2
805503d4 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x10
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!RtlpBreakWithStatusInstruction+0
804e3592 cc int 3
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: nt!RtlpBreakWithStatusInstruction+0
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntoskrnl.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 45e54711
BUCKET_ID: MANUAL_BREAKIN
Followup: MachineOwner