Проводник Windows падает каждый раз, когда я открываю панель управления

Question

Это ссылка на мой zip-файл, любая помощь будет принята с благодарностью.

https://www.dropbox.com/s/64ed3c820lee72y/explorer.exe.2208.7z?dl=0

Answer 1

Анализ дампа с помощью Windbg.exe, как я вам говорил вчера, показывает, что DLL-драйвер Realtek Audio RtkAPO.dll вызывает его сбой:

APPLICATION_VERIFIER_LOCKS_LOCK_IN_FREED_HEAP (202)
Freeing heap block containing an active critical section.
This stop is generated if a heap allocation contains a critical section,
the allocation is freed and the critical section has not been deleted.
To debug this stop use the following debugger commands:
$ !cs -s parameter1 - dump information about this critical section.
$ ln parameter1 - to show symbols near the address of the critical section.
This should help identify the leaked critical section.
$ dps parameter2 - to dump the stack trace for this critical section initialization.
$ parameter3 and parameter4 might help understand where this heap block was
allocated (the size of the allocation is probably significant). 
Arguments:
Arg1: 0790d83c, Critical section address. Run !cs -s <address> to get more information. 
Arg2: 00db2e6c, Critical section initialization stack trace. Run dps <address> to dump the stack trace. 
Arg3: 0790d4d0, Heap block address. 
Arg4: 000020f8, Heap block size. 
Cannot find frame 0x12, previous scope unchanged
GetUrlPageData2 (WinHttp) failed: 12002.

DUMP_CLASS: 2

DUMP_QUALIFIER: 400

CONTEXT:  (.ecxr)
eax=00000002 ebx=0790d4d0 ecx=001a1da0 edx=001a1da0 esi=0559f040 edi=6fcc40c0
eip=6fcac0de esp=03474404 ebp=0347461c iopl=0         nv up ei pl nz na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00200202
verifier!VerifierStopMessageEx+0x5ce:
6fcac0de cc              int     3
Resetting default scope

FAULTING_IP: 
verifier!VerifierStopMessageEx+5ce
6fcac0de cc              int     3

EXCEPTION_RECORD:  (.exr -1)
ExceptionAddress: 6fcac0de (verifier!VerifierStopMessageEx+0x000005ce)
   ExceptionCode: 80000003 (Break instruction exception)
  ExceptionFlags: 00000000
NumberParameters: 3
   Parameter[0]: 00000000
   Parameter[1]: 85352030
   Parameter[2]: 001a1da0

BUGCHECK_STR:  BREAKPOINT_AVRF

DEFAULT_BUCKET_ID:  BREAKPOINT_AVRF

PROCESS_NAME:  explorer.exe

CRITICAL_SECTION:  0790d83c -- (!cs -s 0790d83c)

ERROR_CODE: (NTSTATUS) 0x80000003 - {AUSNAHME}  Haltepunkt  Im Quellprogramm wurde ein Haltepunkt erreicht.

EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - Mindestens ein Argument ist ung ltig.

NTGLOBALFLAG:  2000100

PROCESS_BAM_CURRENT_THROTTLED: 0

PROCESS_BAM_PREVIOUS_THROTTLED: 0

APPLICATION_VERIFIER_FLAGS:  48004

PRODUCT_TYPE:  1

SUITE_MASK:  272

DUMP_FLAGS:  c07

DUMP_TYPE:  3

APPLICATION_VERIFIER_LOADED: 1

THREAD_ATTRIBUTES: 
OS_LOCALE:  ENA

PROBLEM_CLASSES: 

    ID:     [0n309]
    Type:   [@APPLICATION_FAULT_STRING]
    Class:  Primary
    Scope:  DEFAULT_BUCKET_ID (Failure Bucket ID prefix)
            BUCKET_ID
    Name:   Omit
    Data:   Add
            String: [BREAKPOINT]
    PID:    [Unspecified]
    TID:    [Unspecified]
    Frame:  [0]

    ID:     [0n92]
    Type:   [AVRF]
    Class:  Addendum
    Scope:  DEFAULT_BUCKET_ID (Failure Bucket ID prefix)
            BUCKET_ID
    Name:   Add
    Data:   Omit
    PID:    [0x8a0]
    TID:    [0x950]
    Frame:  [0] : verifier!VerifierStopMessageEx

PRIMARY_PROBLEM_CLASS:  BREAKPOINT

LAST_CONTROL_TRANSFER:  from 6fcb98e8 to 6fcac0de

STACK_TEXT:  
0347461c 6fcb98e8 6fcc40c0 00000202 0790d83c verifier!VerifierStopMessageEx+0x5ce
03474650 6fcb3e4c 00000000 0790d4d0 000020f8 verifier!AVrfpFreeMemLockChecks+0xd0
03474674 6fcbcbff 00000000 0790d4d0 000020f8 verifier!AVrfpFreeMemNotify+0x2b
034746c0 772e98cd 00860000 00000000 0790d4d0 verifier!AVrfpRtlFreeHeap+0x36
0347470c 6fcbd61f 0790d4d0 6de7070d 00000000 msvcrt!free+0xcd
03474740 6513895a 0790d4d0 0790d4d0 03474764 verifier!AVrfp_delete+0x2c
WARNING: Stack unwind information not available. Following frames may be wrong.
03474750 651382f8 00000001 00000001 00000001 RtkAPO+0x8895a
03474764 05d27a3f 0790d4d0 6423eed1 074a4f68 RtkAPO+0x882f8
03474830 05db022e 00000000 05e102f8 00000000 ALSNDMGR!CPlApplet+0x341f
03474840 05d23a13 00000000 6423e1f5 00000000 ALSNDMGR!CPlApplet+0x8bc0e
00000000 00000000 00000000 00000000 00000000 ALSNDMGR+0x3a13


THREAD_SHA1_HASH_MOD_FUNC:  128245e1c5a144067c7294143b1d70e44a9ee3fa

THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  35e2a119c101d670bb94135875c4d22686f3a219

THREAD_SHA1_HASH_MOD:  a972caf98c89a7775743fa4131f66224f77c3960

FOLLOWUP_IP: 
RtkAPO+8895a
6513895a 59              pop     ecx

FAULT_INSTR_CODE:  5ec68b59

SYMBOL_STACK_INDEX:  6

SYMBOL_NAME:  rtkapo+8895a

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: RtkAPO

IMAGE_NAME:  RtkAPO.dll

DEBUG_FLR_IMAGE_TIMESTAMP:  494f46bb

STACK_COMMAND:  ~5s ; .ecxr ; kb

BUCKET_ID:  BREAKPOINT_AVRF_rtkapo+8895a

FAILURE_EXCEPTION_CODE:  80000003

FAILURE_IMAGE_NAME:  RtkAPO.dll

BUCKET_ID_IMAGE_STR:  RtkAPO.dll

FAILURE_MODULE_NAME:  RtkAPO

BUCKET_ID_MODULE_STR:  RtkAPO

FAILURE_FUNCTION_NAME:  Unknown

BUCKET_ID_FUNCTION_STR:  Unknown

BUCKET_ID_OFFSET:  8895a

BUCKET_ID_MODPRIVATE: 1

BUCKET_ID_MODTIMEDATESTAMP:  494f46bb

BUCKET_ID_MODCHECKSUM:  26d77a

BUCKET_ID_MODVER_STR:  11.0.6000.85

BUCKET_ID_PREFIX_STR:  BREAKPOINT_AVRF_

FAILURE_PROBLEM_CLASS:  BREAKPOINT

FAILURE_SYMBOL_NAME:  RtkAPO.dll!Unknown

FAILURE_BUCKET_ID:  BREAKPOINT_AVRF_80000003_RtkAPO.dll!Unknown

WATSON_STAGEONE_URL:  http://watson.microsoft.com/StageOne/explorer.exe/6.1.7601.23537/57c44cc4/verifier.dll/6.1.7600.16385/4a5bdb2a/80000003/0000c0de.htm?Retriage=1

TARGET_TIME:  2017-07-20T21:46:36.000Z

OSBUILD:  7601

OSSERVICEPACK:  23392

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

OSPLATFORM_TYPE:  x86

OSNAME:  Windows 7

OSEDITION:  Windows 7 WinNt (Service Pack 1) SingleUserTS

USER_LCID:  0

OSBUILD_TIMESTAMP:  2016-03-17 23:29:12

BUILDDATESTAMP_STR:  160317-0600

BUILDLAB_STR:  win7sp1_ldr

BUILDOSVER_STR:  6.1.7601.23392

ANALYSIS_SESSION_ELAPSED_TIME:  ef94

ANALYSIS_SOURCE:  UM

FAILURE_ID_HASH_STRING:  um:breakpoint_avrf_80000003_rtkapo.dll!unknown

FAILURE_ID_HASH:  {c97b21a6-fb5d-c17e-e29a-6d8fa44dca70}

Followup:     MachineOwner
---------

0:005> !cs -s 0790d83c
-----------------------------------------
Critical section   = 0x0790d83c (+0x790D83C)
DebugInfo          = 0x05772518
NOT LOCKED
LockSemaphore      = 0x0
SpinCount          = 0x00000000


Stack trace for DebugInfo = 0x05772518:

0x77566cd0: ntdll!RtlInitializeCriticalSectionEx+0xB3
0x7756ed1c: ntdll!RtlInitializeCriticalSectionAndSpinCount+0x19
0x6fcb8fc0: verifier!AVrfpInitializeCriticalSectionCommon+0xD8
0x6fcb90f9: verifier!AVrfpRtlInitializeCriticalSection+0x11
0x65137b05: RtkAPO+0x87B05
0x65138255: RtkAPO+0x88255
0x6513b5d6: RtkAPO+0x8B5D6
0x651338a7: RtkAPO+0x838A7
0x75ce8c66: ole32!CServerContextActivator::CreateInstance+0x172
0x75d03128: ole32!ActivationPropertiesIn::DelegateCreateInstance+0x108
0x75ce8d8a: ole32!CApartmentActivator::CreateInstance+0x112
0x75ce8cff: ole32!CProcessActivator::CCICallback+0x6D
0x75ce8a82: ole32!CProcessActivator::AttemptActivation+0x2C
0x75ce8a33: ole32!CProcessActivator::ActivateByContext+0x4F
0x75ce8ded: ole32!CProcessActivator::CreateInstance+0x49
0x75d03128: ole32!ActivationPropertiesIn::DelegateCreateInstance+0x108
0x75d02eac: ole32!CClientContextActivator::CreateInstance+0xB0
0x75d03128: ole32!ActivationPropertiesIn::DelegateCreateInstance+0x108
0x75d03050: ole32!ICoCreateInstanceEx+0x404
0x75d09dd5: ole32!CComActivator::DoCreateInstance+0xD9
0:005> lmvm RtkAPO
Browse full module list
start    end        module name
650b0000 6531c000   RtkAPO     (export symbols)       RtkAPO.dll
    Loaded symbol image file: RtkAPO.dll
    Image path: C:\Windows\System32\RtkAPO.dll
    Image name: RtkAPO.dll
    Browse all global symbols  functions  data
    Timestamp:        Mon Dec 22 08:50:19 2008 (494F46BB)
    CheckSum:         0026D77A
    ImageSize:        0026C000
    File version:     11.0.6000.85
    Product version:  11.0.6000.85
    File flags:       8 (Mask 3F) Private
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Realtek Semiconductor Corp.
    ProductName:      Realtek(r) LFX/GFX DSP component
    InternalName:     RTKAPODll
    OriginalFilename: RTKAPO.Dll
    ProductVersion:   11, 0, 6000, 85
    FileVersion:      11, 0, 6000, 85
    FileDescription:  Realtek(r) LFX/GFX DSP component
    LegalCopyright:   Copyright (c) Realtek Semiconductor Corp. 2008

Водитель с 2008 года, поэтому очень старый. Обновите драйвер Realtek или удалите ALSNDMGR.cpl из C:\WINDOWS\system32\ чтобы исправить это.