Symantec Endpoint Protection¶
Warning
For remote installation it’s required to disable Antivirus on the target workstation.
Opem Symantec Endpoint Protection Manager
Open Policies -> Exceptions.

Add an exceptions policy:

Add StaffCop to exceptions:
Add -> Windows Exceptions -> Known Risks

You will see a list of all known risks. They are alphabetically sorted, you should scroll down to Spyware.Staffcop

In such a way you should add exceptions for files and folders of Agent:

Specify the following:
c:\Windows\System32\TimeControlSvc\
c:\Windows\Syswow64\TimeControlSvc\
c:\Windows\System32\Drivers\CaptureFileMonitor64.sys
c:\Windows\System32\Drivers\ProcObsrv64.sys
c:\Windows\temp\agent.msi
c:\Windows\Winexesvc.exe

Apply the policy on the required workstations.
