Endpoint Protection

When I log in to a box running SEP 12.1 beta, I continue to get a notification windows that says, SEP has detected risks while you were logged out

When I check the Risk log, it is empty. Also, I do not see anything in the SEPM for this machine.

It was upgraded from RU6 MP3. Could this be a glitch?

I have seen this  happen even on versions  like  RU5, RU6 etc....so, it is nothing to do with SEP 12.X per se, or it being  upgraded  from ru6  mp3..

Check the  quarantine items. Are there any items in BACKUP state?  those could be  causing this...you can delete those items..

Also, please  see this:

http://www.symantec.com/business/support/index?page=content&id=TECH105373&actp=search&viewlocale=en_US&searchid=1306329246589

On both machines, the quarantine folder was empty but I did look at the SrtETmp folder and both had one file in there. A .tmp file

Can this be causing the issue and can it be deleted?

I don't think these files would cause the issue....did you look nat the link I pasted above?

Yea but I'm unable to find anything in the logs to indicate a threat of any kind. Quarantine is empty as well.

Brian, do you see anything in the PTP logs at all?  Wondering if it may be a SONAR detection too..

PTP is empty as well.