u/Impressive_Aerie3456

Svchost making requests to riskware website? Or false positive?

https://preview.redd.it/2tyz98lo6n0h1.png?width=1446&format=png&auto=webp&s=aa003afb1c7c0f280af0400484e82c98de07c348

Woke up to this detection notice (total of 6 outbound requests to this IP) and have been endlessly worried since.

I saw other posts with similar IP addresses being indicated as false positives:

But also saw this post (that's older than the above 2) where most have said this is spyware:

VirusTotal shows only one malicious flag and indicates that this IP is also registered by Edgevana:

https://preview.redd.it/5xyx9o648n0h1.png?width=3683&format=png&auto=webp&s=c3a9a8f6d14f0aeb82df85bb3717b475bec200c1

I did see some WindowsUpdateClient logs at around the same time so I am not sure if it does have to do with the Windows Updates as others have suggested.

Any advice or input would be much appreciated 🙏

u/Impressive_Aerie3456 — 3 days ago