Hello,
I agree with Mick's comment.
This is actually normal. The Infected and At Risk Computers report is not the same thing as the Risk log. They have two separate functions.
Monitor >> Risk Logs
The Risk log contains information about risk events. Available information includes the event time, event actual action, user name, computer/domain, risk name/source, count, and file/path.
Check this Article:
About log types
Reports >> Risk Reports
Displays information about risk events on your management servers and their clients. It includes information about TruScan proactive threat scans.
Infected and At Risk Computers
This report consists of two tables. One table lists computers that have a virus infection. The other table lists the computers that have a security risk that has not yet been remediated.
Check this Article:
About the different types of Symantec Endpoint Protection Manager Reports
http://www.symantec.com/docs/TECH95538
Hope that helps!!