W32Koobface virus?

This morning I noticed in my Norton history the following

 

Risk

HTTP W32 Koobface File Download

 

Attacking computer-

 MY PC

 

Destination

72.191.xxx.xx   Port 80

 

Action taken

Blocked

 

So does this mean my computer tried to download the koobface virus to IP address 72.191.xxx.xx  ?

 

My Norton scan came up clean. I ran malewarebytes which also came up clean

 

Is this just a mistake?

Or is it a "flip flopped" reading and it should really show that the attacking computer was 72.191.216.58 and my Norton blocked it from downloading on my PC?

 

I use Norton Antivirus 2008 ( I'm waiting for 2010 to come out into the stores)

 

So could it be that NAV2008 has the alert flipped flopped?

I wonder why the Norton scan and malwarebytes scan would not detect the virus on my system, yet stop it from going out?

I think I read on here in the past that some alerts may "show" reversed, where the attacking computer reads the owner PC, when it is realley the remote IP address

 

Any help is appreciated

 

Thanks

Message Edited by Calls on 10-07-2009 06:42 AM