I have problems with the "solution".
A. WHY are any of these processes touching SEP?
B. WHY is this JUST NOW starting since SEP 12.1 - why not SEP 11.xx????
C. I do not simply go in and make exclusions when something tries to do something to SEP - isn't that sort of risky? Yes, it's a legit process, but what if it's attempting to modify SEP in some way? I asked because I want a response as to what it could possibly be doing........
D. It's not just the Verizon app - Dragon Naturally Speaking is doing it too!
E. What is ccSvcHst.exe anyway, and why am I suddenly seeing it in all sorts of logs when I never saw it before in ANY logs with SEP 11.xxx?
F. Why is your ccSvcHst (looks almost like Microsoft's service host, doesn't it??) attempting to launch BRIDGE.SYS? We block any access to bridge.sys as it's a great way to be sure no one can setup any connection between our wired LAN and some rogue wireless AP - it's happened before when a user here decided, cool, I'll connect to this wireless AP in that building..." and we suddenly saw strange things on our wired net. So, I use SEP to block the launching of BRIDGE.SYS, however, since SEP 12.1 I see SEP attempting to touch it! Why would ccSvcHst be interested in the network bridge driver? Why was it not interested in v11.xx?
There's a lot in SEP 12.1 that's apparently new and undocumented, and we were not told about - it's taking our existing rules and blocks and wreaking havoc in the logs.