Weird file in Defense+ rules

Hi guys, a weird file appears in my defense+ rules list. It has no name, has no path. It has an icon exe files usually have. It uses a custom policy and has everything set to “ask”, i changed every entry to “block”, pressed okey and tried to apply settings, but the “apply” button doesnt work, only option i had was to press cancel and everything was set to “ask” again.

And when i click on “protected registry keys”" in “access rights” ,it shows that it is allowed to access the following keys.

\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Proxy
\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections

And when i click on “protected files and folders”, it shows thatit is allowed to access the following files

And 4 other files that have no name.

Should i be worried, could this be some kind of a virus? Or is this just a corrupted entry in defense+ rules?

Thank you

Can you please post a screenshot of this? and also export the configuration via More → Manage configurations → select the ‘active’ one and press ‘Export’ save it to disk somewhere.
If possible send me a PM so you can send me the config for investigation please.

Okey, but i noticed another thing, this file is listed between dev++.exe and its sub files, so i assume it belongs to dev++. I was having some issues with this software yesterday, which i explained in this thread.

I set it as “installer or updater” yesterday. And after few hours i needed to perform a system restore. And i just found out that its no longer accepted as “installer or update”, its on custom policy. I believe the settings were changed because of the restore process. Could this file be a result of that as well?. Are those register keys and files usually accessed by installers and updaters?

I cant attach the file to a personal message, i cant find such feature.

We could exchange via email or some web storage which ever you prefer.

Probably CIS settings where included in the restore point, can you change it back to installer/updater without issue?

I could change the actual dev++ exe file back to installer updater, but not the file with no name because im not allowed to apply settings

Seems like there is something wrong… can you import your configuration under a new name and switch that to ‘active’ and then see if you can ‘apply’ again?
If not I think uninstall/install would be the best route to go.

What do you think the file is, could it be a virus?

Hard to be sure but my bet would be something from G++ caused this.
It seems something that loads wsock32 or some other network component.

It could just as well be a bug in CIS.