So today before i even started playing i was just sitting in the Join Server menu and Malwarebytes started to spam popup message me that Empyrion.exe was trying to connect to a Malwarebytes blocked IP address that they have blocked due to Trojan now i have done full checks on my system and my system is not infected, but this ip address Empyrion.Exe is trying to connect to has got Malwarebytes spamming the hek out of me is this IP in the attached image an official Empyrion IP that is safe to add to exclusions or is there something else at work here ?
The IP address you listed does not appear to be an official Empyrion IP address. The game is made in Germany, the location for this IP address is located in China, so... I would say it's unsecure. Perhaps changing the Port and see if the issue persists?
The provider for this address is: inetnum 42.224.0.0 - 42.239.255.255 netname UNICOM-HA descr China Unicom Henan province network descr China Unicom descr No.21,JiN-Rong Street, descr Beijing 100033 country CN admin-c CH1302-AP tech-c WW444-AP remarks service provider mnt-by APNIC-HM mnt-lower MAINT-CNCGROUP-HA mnt-routes MAINT-CNCGROUP-RR mnt-irt IRT-CU-CN irt IRT-CU-CN address No.21,Financial Street address Beijing,100033 address P.R.China e-mail [email protected] abuse-mailbox [email protected] admin-c CH1302-AP tech-c CH1302-AP Reverse lookup: hn.kd.ny.adsl No reply to pings, no open ports from 00 to 1000, probably there is an active firewall there
I suspect that someone has a server hosted at this address. Unless the server browser is using pings that are provided by the empyrion server listing (which would be inaccurate because your location can vary wildly from the server location) it sends a ping to every server that it's told about to determine your ping. And it probably doesn't use ICMP ping, it probably uses a UDP packet sent on a specific port. Thus if anybody was hosting a server on an IP that an anti-virus has a block on... this is going to happen.