Greetings. One of our clients has a Lenovo laptop, running Windows 10 latest update (ie, the one where you have to search for Control Panel).
At home, his internet service is provided by AT&T.
Just within the last ten days or so, when he brings his laptop to the office, he cannot open any intranet sites in Internet Explorer. (For a variety of reasons, the developer prefers IE). Instead, he gets a message page that AT&T can't find this local server. The web address is dnserrorassist.att.net.
I don't understand why AT&T is doing this, or how it is overriding PC settings, or how I can get rid of it. A Google search seems to say that "opting out" of this service is the only way, but he has tried every username and password he knows and is not getting anywhere.
Here's what I've done, not listed in order but as I go back and try to recall what I did--
1. Checked DNS. The only entry (through DHCP) is the local server in the office. Flushed DNS, it's still the only DNS server. ATT still comes up.
2. Hardcoded the DNS entries under IP4, using the local server and a Google server. Flushed DNS and restarted. ATT still comes up.
3. Edited the HOSTS file so that the server name and IP address are there. (The only other entry in HOSTS is localhost.) ATT still comes up.
4. Ran RKILL, ADWCleaner and MalwareBytes. Very minor stuff found. Rebooted, ATT still comes up.
5. Checked the registry for any mention of dnserrorassist. None found.
6. Restored PC to a restore point a few days before all this started happening. ATT still comes up.
7. Cleared history in IE. ATT still comes up.
8. Ran IE without any add-ons. I checked the add-ons that were listed, none of them are AT&T related. ATT still comes up.
Right now, the customer is using Edge, which works (as do other browsers) but is not as functional as IE. (Yes, I can't believe I typed that either.)
What I would like to do is find out where AT&T's stuff is hiding and root it out; barring that, if there's a way to block dnserrorassist.att.net I would do that as well. As far as I'm concerned, AT&T's behavior fits the definition of "malware" perfectly.
Anyone have any ideas?
Please let me know if you need any other details.
Thanks in advance for any and all suggestions.
PS: Apologies if this is in the wrong forum area.
Edited by BeckoningChasm, 20 June 2017 - 01:10 PM.