Hey Jason,
FYI... I'm re engineering my use of UI++ for a specific deployment and getting the same issue as above. Tested config: W10 Ent 1903, fully patched, UI++ 2.11.1.2, Sophos Endpoint Protection. It does work on a bare metal system. I will continue to look into WinPE and Post OS task sequence. If the AV getting in the way, I can rearrange the task sequence, but id like to get a definitive answer why it fails with AV installed and if it can be fixed. Id be happy to test.
Gary
Log:
* Getting security information... UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XSystemDriveBitLockerProtected' to the value '1' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XServiceStateWindowsDefenderFirewall' to the value 'Running' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XServiceStartModeWindowsDefenderFirewall' to the value 'Auto' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XFirewallEnabledDomain' to the value 'False' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XFirewallInboundDomain' to the value 'Block' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XFirewallOutboundDomain' to the value 'Allow' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XFirewallEnabledPrivate' to the value 'False' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XFirewallInboundPrivate' to the value 'Block' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XFirewallOutboundPrivate' to the value 'Allow' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XFirewallEnabledPublic' to the value 'False' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XFirewallInboundPublic' to the value 'Block' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XFirewallOutboundPublic' to the value 'Allow' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XFirewallCurrentProfiles' to the value 'Domain,Public' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XServiceStateWindowsUpdate' to the value 'Running' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XServiceStartModeWindowsUpdate' to the value 'Manual' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XWindowsUpdatesEnabled' to the value 'False' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XWindowsUpdateDefaultService' to the value 'Microsoft Update' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
* Getting Windows Defender information... UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XServiceStateWindowsDefenderAntivirusService' to the value 'Stopped' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)
+ Set the task sequence variable 'XServiceStartModeWindowsDefenderAntivirusService' to the value 'Manual' UI++ 8/20/2020 10:03:58 AM 10252 (0x280C)