This morning I noticed in my Norton history the following
Risk
HTTP W32 Koobface File Download
Attacking computer-
MY PC
Destination
72.191.xxx.xx Port 80
Action taken
Blocked
So does this mean my computer tried to download the koobface virus to IP address 72.191.xxx.xx ?
My Norton scan came up clean. I ran malewarebytes which also came up clean
Is this just a mistake?
Or is it a "flip flopped" reading and it should really show that the attacking computer was 72.191.216.58 and my Norton blocked it from downloading on my PC?
I use Norton Antivirus 2008 ( I'm waiting for 2010 to come out into the stores)
So could it be that NAV2008 has the alert flipped flopped?
I wonder why the Norton scan and malwarebytes scan would not detect the virus on my system, yet stop it from going out?
I think I read on here in the past that some alerts may "show" reversed, where the attacking computer reads the owner PC, when it is realley the remote IP address
Any help is appreciated
Thanks