Endpoint Protection Manager Security Risk Events Alert shows File path: Unavailable

Article ID: 220126

Products

Endpoint Protection

Issue/Introduction

A Single Risk Event notification shows File path: Unavailable.

Example - Email Alert

Subject: Single Risk Event: machine SystemName infected with SecurityRisk.OrphanInf, action Deleted

Message from:
    Server name: xxx
    Server IP: x.x.x.x
    Administrator Email:[email protected]
    Company Name: xyz
    
At least one security risk found:

Risk name: SecurityRisk.OrphanInf
File path: Unavailable
Event time: Jul 2, 2021, 12:21:54 PM
Database insert time: Jul 2, 2021, 12:21:54 PM
Source: Scheduled Scan
Description:
User: SYSTEM
Computer: SystemName
Domain: Default

Environment

SEP 14.x.x

Cause

SecurityRisk.OrphanInf is a detection on an orphaned AutoRun.inf file. It is likely that a reference to the orphaned autorun.inf in the registry is leading to this event.

"File path: Unavailable" typically refers to a non-disk location such as the registry or memory, or to a remote location that SEP could not resolve, and/or, in the case of removable drives, to a drive that was disconnected before SEP could learn the path/location. These are the possibilities it may fall under.

Resolution

It is expected behavior for SEP to show File path: Unavailable in such Risk Events.
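
For triage of these notifications, the following added example (not Symantec or Broadcom code) parses an alert body in the format shown above and separates events where SEP resolved no on-disk path from those with a real path. The field names come from the sample email; the function names, the `no-path`/`on-disk` labels and the sample text are assumptions constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample, modelled on the email alert shown in this article.
SAMPLE_ALERT = """\
Subject: Single Risk Event: machine SystemName infected with SecurityRisk.OrphanInf, action Deleted

Message from:
    Server name: xxx
    Server IP: x.x.x.x
    Company Name: xyz

At least one security risk found:

Risk name: SecurityRisk.OrphanInf
File path: Unavailable
Event time: Jul 2, 2021, 12:21:54 PM
Database insert time: Jul 2, 2021, 12:21:54 PM
Source: Scheduled Scan
Description:
User: SYSTEM
Computer: SystemName
Domain: Default
"""

# "Key: value" lines; tolerates "File path : Unavailable" and empty values.
FIELD_RE = re.compile(r"^\s*([A-Za-z][A-Za-z ]*?)\s*:[ \t]*(.*?)\s*$")


def parse_alert(text):
    """Return a dict of lower-cased field names to values (None if empty)."""
    fields = {}
    for line in text.splitlines():
        m = FIELD_RE.match(line)
        if m:
            fields[m.group(1).lower()] = m.group(2) or None
    if fields.get("event time"):
        fields["event time"] = datetime.strptime(
            fields["event time"], "%b %d, %Y, %I:%M:%S %p")
    return fields


def triage(fields):
    """Classify the alert by whether SEP resolved an on-disk path."""
    path = fields.get("file path")
    if path is None or path.lower() == "unavailable":
        return "no-path"   # registry/memory, unresolved remote, or removed drive
    return "on-disk"
```

Alerts classified as `no-path` match the expected behavior described in this article; alerts classified as `on-disk` carry a file location that can be examined on the endpoint.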