Defense + disabled on windows reboot [Resolved]

Running CIS V5.9 on W7 64 bit Home Edition with Proactive Security selected in configuration and Defense + set as Safe mode.
When I reboot, Defense + on the right of the summary interface states “disabled”.
Also, the right click icon in the taskbar indicates Disabled after re-boot.
Icon on left of interface states that “all systems are active and running”
Why do I have to reset Defense + to Safe mode each time I reboot ???
CIS Firewall and AV retain the configurations I set before re-boot. Only D+ changes.

Hi Zmiles,

The behavior you describe is not normal.
I am not sure what is going on, but it may help if I can get a little more information:

  1. In the main CIS program, go to defense+ > Defense+ settings > General tab: Is “Deactivate the defense + permanently” option currently selected or was it ever selected?
  2. Have you tried running CIS diagnostics (go to More tab, and click diagnostics) - what did diagnostics say?
  3. Have you tried uninstalling your current CIS and then re-installing a fresh copy? If so, what was the outcome?


First, thanks for the fast response.
Although I did have the “Deactivate D+ permanently” selected, I do not recall having done this.
I have deselected it and (obviously) the “problem” no longer exists on reboot.
I was concerned that perhaps malware was deactivating D+, but a full scan using Malwarebytes indicates “no issues found”, so I must conclude that this was my fault and… I feel stupid.
Only remaining concern, is why the summary interface indicated “all systems are active and running”, although D+ was disabled.
Also, partly to redeem my stupidity but also to be constructive and improve an already brilliant CIS, perhaps the relatively small indication of status of the AV, Firewall and D+ could be more prominent. e.g. a red “X” if disabled.
Again, CIS is a brilliant product and the support on the forums is exceptional.

I am glad the issue is solved.
I have accidentally selected check-boxes or incorrectly answered a Defense+ alert a few times myself.
In fact, I periodically check my settings, trusted files, and unrecognized files to make sure that everything is hunky-dory.

I agree that the notification should be better implemented. I think the main GUI is simply telling you that the elements that you have loaded are functioning okay. When you check “deactivate the Defense+”, you are telling CIS not to load D+. Also, some people have not installed D+ or the AV or the firewall, and thus those elements are not loaded, but the GUI will still indicate that the elements that are loaded are working okay.

It would be nice if you could customize how the CIS check-mark will warn you (in a fashion similar to how you can customize notifications in windows security center). You specify the elements that must be loaded and enabled for a green check mark to appear (e.g. defense+, AV, firewall, sandbox, execution control, etc). It would also be nice if CIS warned you when a setting is less secure than a specified level (e.g. you can set the firewall’s minimal security notification to “safe mode”, and CIS would warn you when the firewall was set less secure than this. Or you could set the notification level for “Treat unrecognized files as” to restricted, and CIS will warn you when the level was less secure that this).

From the information you have given I am not clear whether this is a bug/issue.

I’ll move this to help so peopl can find the solution in future.

Please ask any mod to move this report back to the bugs forum if it becomes clear that it is a bug/issue.