If the clients have had Intrusion Prevention or Downloading Insight installed at some stage but later uninstalled the report will list the definitions the client had before the components were uninstalled.
Symantec is aware of this issue and is currently investigating it