The dumps are BREAKPOINT dumps ( STATUS_BREAKPOINT - (NTSTATUS) 0x80000003
because App Verifier is enabled. In the callstack I see telemetry related calls that trigger the crash:
ntdll!NtWaitForMultipleObjects
ntdll!WerpWaitForCrashReporting
ntdll!RtlReportExceptionHelper
ntdll!RtlReportException
verifier!AVrfpVectoredExceptionHandler
ntdll!RtlpCallVectoredHandlers
ntdll!RtlDispatchException
ntdll!KiUserExceptionDispatch
verifier!VerifierStopMessageEx
verifier!AVrfpHandleSanityChecks
verifier!AVrfpNtQueryInformationProcess
windows_storage!DefaultAssocTelemetry::UtilGetProcessTelemetryAppSessionGuid
windows_storage!DefaultAssocTelemetry::CreateAssociatedProcess_
windows_storage!DefaultAssocTelemetry::CreateAssociatedProcess<enum ShellExecuteDdeStages & __ptr64,long & __ptr64,long & __ptr64,_PROCESS_INFORMATION & __ptr64,unsigned long & __ptr64,IUnknown * __ptr64 & __ptr64>
windows_storage!CInvokeCreateProcessVerb::Launch
windows_storage!CInvokeCreateProcessVerb::Execute
windows_storage!CBindAndInvokeStaticVerb::_DoCommand
windows_storage!CBindAndInvokeStaticVerb::_TryCreateProcessDdeHandler
windows_storage!CBindAndInvokeStaticVerb::Execute
windows_storage!CRegDataDrivenCommand::_TryInvokeAssociation
windows_storage!CRegDataDrivenCommand::_Invoke
shell32!CRegistryVerbsContextMenu::_Execute
shell32!CRegistryVerbsContextMenu::InvokeCommand
shell32!HDXA_LetHandlerProcessCommandEx
shell32!CDefFolderMenu::InvokeCommand
shell32!SHInvokeCommandOnContextMenu2
shell32!s_DoInvokeVerb
SHCore!Microsoft::WRL::Details::RuntimeClass<Microsoft::WRL::Details::InterfaceList<CRandomAccessStreamBase,Microsoft::WRL::Details::InterfaceList<Windows::Storage::Streams::IRandomAccessStreamWithContentType,Microsoft::WRL::Details::InterfaceList<Windows::Storage::Streams::IContentTypeProvider,Microsoft::WRL::Details::InterfaceList<Microsoft::WRL::Implements<Microsoft::WRL::RuntimeClassFlags<3>,Microsoft::WRL::CloakedIid<IRandomAccessStreamMode>,Microsoft::WRL::CloakedIid<IRandomAccessStreamFileAccessMode>,Microsoft::WRL::CloakedIid<IObjectWithDeferredInvoke>,Microsoft::WRL::CloakedIid<IObjectWithFileHandle>,Microsoft::WRL::CloakedIid<IUnbufferedFileHandleProvider>,Microsoft::WRL::CloakedIid<IRandomAccessStreamPrivate>,Microsoft::WRL::CloakedIid<ITransactedModeOverride>,Microsoft::WRL::CloakedIid<CFTMCrossProcServer>,Microsoft::WRL::Details::Nil>,Microsoft::WRL::Details::Nil> > > >,Microsoft::WRL::RuntimeClassFlags<3>,1,1,0>::~RuntimeClass<Microsoft::WRL::Details::InterfaceList<CRandomAccessStreamBase,Microsoft::WRL::Details::InterfaceList<Windows::Storage::Streams::IRandomAccessStreamWithContentType,Microsoft::WRL::Details::InterfaceList<Windows::Storage::Streams::IContentTypeProvider,Microsoft::WRL::Details::InterfaceList<Microsoft::WRL::Implements<Microsoft::WRL::RuntimeClassFlags<3>,Microsoft::WRL::CloakedIid<IRandomAccessStreamMode>,Microsoft::WRL::CloakedIid<IRandomAccessStreamFileAccessMode>,Microsoft::WRL::CloakedIid<IObjectWithDeferredInvoke>,Microsoft::WRL::CloakedIid<IObjectWithFileHandle>,Microsoft::WRL::CloakedIid<IUnbufferedFileHandleProvider>,Microsoft::WRL::CloakedIid<IRandomAccessStreamPrivate>,Microsoft::WRL::CloakedIid<ITransactedModeOverride>,Microsoft::WRL::CloakedIid<CFTMCrossProcServer>,Microsoft::WRL::Details::Nil>,Microsoft::WRL::Details::Nil> > > >,Microsoft::WRL::RuntimeClassFlags<3>,1,1,0>
verifier!AVrfpStandardThreadFunction
kernel32!BaseThreadInitThunk
ntdll!RtlUserThreadStart
Here an invalid handle (that is NULL) is used by Windows.
APPLICATION_VERIFIER_HANDLES_NULL_HANDLE (303)
NULL handle passed as parameter. A valid handle must be used.
This stop is generated if the function on the top of the stack passed a
NULL handle to system routines.
Import this .reg file to disable to disable app verifier and dump creation. this should lower the amount of crashes.
I also see that the GROOVEEX.dll is loaded:
*** ERROR: Symbol file could not be found. Defaulted to export symbols for GROOVEEX.DLL -
Use ShellExView to disable Office Groove entries and look if this fixes it.
Also, have you used tools that try to disable Windows 10 telemetry? if yes, undo those changes.