This site is only for Avast Business products. For articles on AVG Business products, see AVG Business Help.

Fixing malware detection alerts from WPAD.dat

This Article Applies to:

  • Business Hub

In the event you receive constant notifications for malware detections of the wpad.dat file, consider the following steps to resolve the issue:

  • Disable automatic proxy discovery/configuration in browsers and operating systems unless those systems will only be used on internal networks
  • Use a registered and fully qualified domain name (FQDN) from global DNS as the root for enterprise and other internal namespace
  • Use an internal TLD that is under your control and restricted from registration with the new gTLD program
    • There is no assurance that the current list of “Reserved Names” from the new gTLD Applicant Guidebook (AGB) will remain reserved with subsequent rounds of new gTLDs (see here).
  • Configure internal DNS servers to respond authoritatively to internal TLD queries
  • Configure firewalls and proxies to log and block outbound requests for wpad.dat files
  • Identify expected WPAD network traffic and monitor the public namespace or consider registering domains defensively to avoid future name collisions.
  • File a report with ICANN if your system is suffering demonstrable severe harm due to name collision by visiting https://forms.icann.org/en/help/name-collision/report-problems.

If you still need assistance with the issue, please contact Avast Business Technical Support.