Title: 'How to clear "Still Infected" status from Reports in the Symantec Endpoint Protection Manager'
Document ID: 2007111913145448
> Web URL: http://service1.symantec.com/SUPPORT/ent-security....

Hope that helps!

Could you Please tell which version of  SEP is installed .
If you are using any version below SEP MR4 , then please Upgrade to Symantec Endpoint Protection 11.0 MR 4 (Maintenance Release 4) or newer.

Symantec Endpoint Protection Manager console Home shows "Still Infected" count even though all infections were cleared in the Computer Status log

http://service1.symantec.com/support/ent-security.nsf/docid/2008091108413748

hi camaroguy

do as david says to clear Still Infected status in the sepm console. but my suggestion would be to monitor those logs like just keep a copy of todays still infected log and clear the log as said above the tommrow see the logs again and match with the old one saved. whether any pc appeariing again as still infected and does the file name infected is same if yes then visit the client and browse that file and delete it manually. if possible just scan the pc in safe mode. and monitor the logs again next day for that pc whether it shows still infected again or not.

Thanks guys we have plan to upgrade this weekend.   

Any insight that the documentation might of missed?

It looks pretty straight forward.

Still infected reports are very useful when it comes to monitoring a risk propagating in your environment, you should know the details of the risk in order for you to become  more proactive in securing your network environment

 Why does this have to be cleared manually?!?!?

Don't PC's send their 'cleaned' status back to the console/database?

This is due to database entries marked for deletion, but included in query that calculates "Still Infected" count. The database is not purged automatically so we have to clear it manually.

This issue addressed in Symantec Endpoint Protection 11.0 MR 4 (Maintenance Release 4) and newer