svchost.exe wants "Unknown Flag" access

This is what the log entry says:

10 Mar 12:48:38 - [P] c:\windows\system32\svchost.exe [956] tried to gain Unknown Flag [01020450][00020450] access on c:\windows\system32\zonelabs\vsmon.exe [1796]

I welcome any thoughts, ideas, and comments. But I think this is one for DCS.

 

Hi disciple, svchosts is your system and probably needs to see what ZA's vsmon is doing.
Is vsmon is listed in pg?
Svchosts should be listed & have all the allows enabled by default.

HTH Pilli

 

Hi Pilli, thanks for the reply. Yep vsmon is listed in PG and svchost has all of the allows enabled, but none of the Options are enabled or have appeared as blocked in a log entry.

My reason for posting is to gain insight on what "Unknown Flag" might be about. I don't recall seeing a question/post about it prior to mine.

After posting this I did a search on "Unknown Flag" that only returned this thread.

 

Ah the unknown flag Hopefully Jason will shed some light on it.

 

Yes these unknown flags help me pinpoint undocumented Windows flags. They are unknown because there is no documentation describing them.

Thanks for posting the log, it will be helpful.

-Jason-