Fixing malware detection alerts from WPAD.dat

In the event you receive constant notifications for malware detections of the wpad.dat file, consider the following steps to resolve the issue:

• Disable automatic proxy discovery/configuration in browsers and operating systems unless those systems will only be used on internal networks
• Use a registered and fully qualified domain name (FQDN) from global DNS as the root for enterprise and other internal namespace
• Use an internal TLD that is under your control and restricted from registration with the new gTLD program
  • There is no assurance that the current list of “Reserved Names” from the new gTLD Applicant Guidebook (AGB) will remain reserved with subsequent rounds of new gTLDs (see here).
• Configure internal DNS servers to respond authoritatively to internal TLD queries
• Configure firewalls and proxies to log and block outbound requests for wpad.dat files
• Identify expected WPAD network traffic and monitor the public namespace or consider registering domains defensively to avoid future name collisions.
• File a report with ICANN if your system is suffering demonstrable severe harm due to name collision by visiting https://forms.icann.org/en/help/name-collision/report-problems.

If you still need assistance with the issue, please contact Avast Business Technical Support.