Endpoint SWAT: Protect the Endpoint Community

After upgrading our SEPM to SEP12 RU6, we are noticing a few clients that have a new icon in the Health state column that looks like a text and magnifying glass. After clicking on it , it displays "Detailed Threat Analysis" report with risks/virusses that the machine had almost 2-3 months back. Is there any way of clearing this as the machine does not have any more risks/events logged for it? By the way, the clients are on RU4MP1 so I can't do the Power scan analysis option...

Any ideas?

 

This means the client has what SEPM determines as an active infection.

Has the machine checked in since being cleaned? If so, try deleteing from the console and letting check back in.

I think I tried deleting it , but didnt monitor if the same machine returned with the icon. Will do so and give feedback.

Basically, it comes down to the client needed to be rescanned and determined clean. Once the happens that will clear out in SEPM.

Just checked now and the machine comes back again with the same information. WIll try running a scan remotely and see if that removes it.

@ThaveshineP I know this sounds academic, but have you done:

How to run the Threat Analysis Scan in Symantec Help (SymHelp)(Article: TECH215519)

About the Threat Analysis Scan (Article: TECH215550)

After the next heartbeat and OpState sent to the SEPM from these few endpoints, what is the SEPM showing?

@Justice - I know the drill. However, to get access to the machine and run the symhelp on customer's site is very difficult as it is a government entity and thus not allowed. For now,  I will have to work with it until we upgrade the clients to RU6 to use the power eraser option.