How to Disable Microsoft Error Reporting

If you’ve ever encountered the following dialog – you know that an application has crashed in Windows.

As the dialog indicates, Microsoft is checking for a solution to the problem – which means it’s communicating back to Microsoft servers. While this may not be a problem for your enterprise environment, it’s additional noise that you typically don’t want/need in your malware sandbox. The following screenshot shows example HTTP traffic reporting the error.

Dr Watson Error Reporting as seen in Moloch

If you’re running an IDS such as Suricata – Emerging Threats also has a couple of signatures that can help you identify this traffic/behavior.

You can disable this behavior by following these few steps:

  1. Open the Control Panel and select System and Security

  2. Select Action Center


  3. Select Change Action Center Settings


  4. Select Problem reporting settings


  5. Select Never check for solutions