Home

Forums

Stories

Knowledge Base

Home Network Community > Bug Report > Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

< Bug Report

Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Geegee

2020-09-19 08:58:54

Posts: 3

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2020-09-19

Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

2020-09-19 08:58:54

Model: Archer C2300

Hardware Version: V2

Firmware Version: 1.1.0 Build 20200714 rel.30791(4555)

Hi,

I've been very happy with my Archer C2300 v2.0 for the past year. After the firmware update to 1.1.0 Build 20200714 rel.30791(4555) I keep on seeing A LOT of DNS requests (over 7500 in the course of 12 hours) coming from the router towards rgom10-tplink-en.url.trendmicro.com , even though I have never activated the antivirus feature.

I've double checked and the antivirus feature is disabled, but

(1) it keeps making DNS requests towards that domain

(2) it keeps blocking certain websites

I don't have any other antivirus software on my network or DNS/browser feature that would query the TrendMicro domain(s).

I strongly believe that this is not the intended behaviour and it's a bug.

8 Reply

Tony

2020-09-21 16:18:15

Posts: 6306

Helpful: 1498

Solutions: 165

Stories: 41

Registered: 2018-11-06

Re:Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

2020-09-21 16:18:15

@Geegee

Do you have any parental controls configured? If so remove those, and test again.

The site you showed that was blocked, if you enter that side on multiple devices do they all get blocked?

Geegee

LV1

2020-09-21 17:06:05

Posts: 3

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2020-09-19

Re:Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

2020-09-21 17:06:05

Hi @Tony

Thank you for you answer. I've checked and I don't have parental controls activated. The blocking behaviour took place on my desktop computer, I haven't checked with other devices. Right now the blocking behaviour is not happening anymore, but I still see A LOT of DNS requests coming from the router. This has happened immediately after I upgraded the firmware to the latest version. Do you think this behaviour is normal?

These are DNS requests from the past 7 days:

Tony

2020-09-22 20:43:13

Posts: 6306

Helpful: 1498

Solutions: 165

Stories: 41

Registered: 2018-11-06

Re:Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

2020-09-22 20:43:13

@Geegee

What I was able to gather was the links are pointing to Trend Micro for the purpose of judging the link characteristic value.

Are you using QoS or is that disabled as well?

Geegee

LV1

2020-09-25 09:30:35

Posts: 3

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2020-09-19

Re:Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

2020-09-25 09:30:35

Hi @Tony

I'm not using any special features – be it QoS, Parental controls, antivirus or anything else. I'm actually running a very simple setup, bare-bones.

Thanks for looking into this.

DavePi

LV1

2021-02-19 17:45:08

Posts: 4

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2020-01-11

Re:Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

2021-02-19 17:45:08

I just started seeing a questionable site being blocked as a scam by my C2300 router. May be a good thing, but am unable to confirm this is current info.

How can I force an update to the content/definitions that HomeCare/trendmicro is using? HomeCare is enabled and reporting last update of 2/1/2021.

Additionally, I am unable to confirm the blocked site is a problem or false-positive with trendmicro.com while other security tools are reporting the site as good/green (Norton 360/safe search).

DavePi

LV1

2021-02-19 22:17:10

Posts: 4

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2020-01-11

Re:Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

2021-02-19 22:17:10

Update: the router’s HomeCare webpage states Trendmicro update was done this AM, so the Tether app is out of date (bug report, please). Still have the question of how to get more info from Trendmicro so we can verify a potential scam false-positive.

Tony

2021-02-19 23:48:43

Posts: 6306

Helpful: 1498

Solutions: 165

Stories: 41

Registered: 2018-11-06

Re:Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

2021-02-19 23:48:43

@DavePi

This site is where you can look up a respective URL to see how it is categorized: https://global.sitesafety.trendmicro.com/

After looking up a site you can request a reclassification of that URL.

DavePi

LV1

2021-02-20 03:19:25

Posts: 4

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2020-01-11

Re:Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

2021-02-20 03:19:25

@Tony thanks for the site. Now at 4-to-1 reporting safe, even though we are siding with trendmicro. Requested Norton take a fresh look.

Last question: is there a way to request the router update its virus DB? I am fine if the answer is an SSH/CLI.

Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

Archer C2300 v2.0 using TrendMicro antivirus feature when it's disabled

Information

Voters 0

Tags