Windows Vista Forums

consent.exe

  1. #1


    malcp Guest

    consent.exe

    Hi does anyone know why consent.exe which is the consent ui for
    administrative applications would want to accesss the internet. I know the
    obvious that it could be a virus or spyware but I am running an up to date
    windows onecare and do regular scans and nothing is found. Also my router as
    an inbuilt firewall. My vista ultimate is fully up to date. There are no
    rogue programs in task manager or in the registry. Shieldsup shows my system
    as full stealth. I therefore think its the operating system thats doing it
    but why?
    --
    malcp

      My System SpecsSystem Spec

  2.   


  3. #2


    Val Guest

    Re: consent.exe

    Because every darn thing in Vista thinks it needs to talk to someone?

    Since installing ZoneAlarm, I'm amazed at all the processes that want to
    talk to my router, DNS, want to "multicast" to who knows where, and, in a
    few cases, actually call somewhere out on the 'net.

    What does disk defragmenter, for example, have any damn reason to talk to
    anyone? Just defragment, for cryin' out loud.
    (Sorry, end of rant.)

    I've not seen consent.exe yet come up. Are you operating as a Standard User
    or as an Administrator?

    Val

      My System SpecsSystem Spec

  4. #3


    malcp Guest

    Re: consent.exe

    I am operating as an administrator. I have it blocked in onecare firewall and
    it does not seem to affect operations but it would be nice to know why it
    needs to access the internet. anyone at Microsoft got an answer.
    --
    malcp

      My System SpecsSystem Spec

  5. #4


    Lang Murphy Guest

    Re: consent.exe

    It -looks- like it's an MS exe. Claims it's a "Consent UI for administrative
    applications." I don't know... maybe it's part of UAC. Why it accesses the
    internet? Dunno. Seems like everything wants to access the internet these
    days. ;-)

    Lang

      My System SpecsSystem Spec

  6. #5


    Spirit Guest

    Re: consent.exe

    There is a MalWare version of Consent.exe
    Right Click ALL of the ones you find and look for
    Microsoft details in Properties

    http://spywarefiles.prevx.com/RRHJID...NSENT.EXE.html
    Consent.exe - Malware

      My System SpecsSystem Spec

  7. #6


    marz Guest

    Re: consent.exe

    a number of processes need to contact the internet, this is quite normal
    and is part of how the internet works.
    for instance DNS = domain name server, when you type an address of a
    page into a browser then your computer needs to contact a dns server to
    resolve the url as an i.p. it is this ip number which your computer
    then looks up to find the page in question,
    as for consent.exe, i am not 100% sure about this, but i think that
    this has to do with getting permissions for various software to get
    elevated rights to run on your computer, for instance a program like
    regsupreme may want to do things to the registry, however windows needs
    to verify whether or not the program has a key held with an authority to
    permit it to run..
    ok, as i said i am not sure about the ins and outs of this however i
    think i am not too far of the mark here.

    it would be cool if microsoft wrote something a little more
    comprehensive about such processes, as it is we usually need to look
    these things up in some obscure corner of the web.


    --
    marz

      My System SpecsSystem Spec

  8. #7



    Newbie
    Join Date : Apr 2008
    Posts : 7
    Vista Ultimate x64
    Local Time: 06:52 PM


     

    Re: consent.exe

    Why oh why would "consent.exe be connecting to 64.18.25.38?" This address resolves to:
    OrgName: Baltimore Technologies

      My System SpecsSystem Spec

  9. #8


    Jon Guest

    Re: consent.exe

    Sounds dodgy. Don't give consent.exe consent.

    Jon

      My System SpecsSystem Spec

  10. #9


    Joe Morris Guest

    Re: consent.exe

    With the obvious caveats about its level of authority, according to
    Wikipedia "Baltimore Technologies" was at one time in the business of
    selling PKI certificates but sold that business to Betrusted in 2003.

    ARIN maps that IP address to Baltimore Technologies (as the OP stated), but
    the nameservers for that domain are shown as NS3.US.BETRUSTED.NET and
    NS4.US.BETRUSTED.NET, which support the info from Wikipedia.

    Betrusted in turn is now Cybertrust; the base Vista distribution includes a
    root certificate issued by Cybertrust. Interestingly, there is a root
    certificate that's part of the standard Windows XP distribution from
    Cybertrust, which (unusual for a root certificate) includes a CRL link --
    and that CRL link ("www2.public-trust.com") maps to 64.18.25.45, which is
    also registered to Baltimore Technologies.

    My guess is that the OP is running an application whose executables are
    signed by a certificate issued by Betrusted, Cybertrust, or one of their
    relatives, and that the system is attemting to validate that certificate.
    Recall that the text (and colors) used in a UAC challenge window are
    different depending on whether the requesting executable is or is not
    validly signed.

    So...the request is probably legitimate, but refusing to approve the request
    for external access is probably harmless.

    Joe Morris

      My System SpecsSystem Spec

  11. #10


    Jon Guest

    Re: consent.exe

    Quote Originally Posted by Joe Morris View Post

    With the obvious caveats about its level of authority, according to
    Wikipedia "Baltimore Technologies" was at one time in the business of
    selling PKI certificates but sold that business to Betrusted in 2003.

    ARIN maps that IP address to Baltimore Technologies (as the OP stated), but
    the nameservers for that domain are shown as NS3.US.BETRUSTED.NET and
    NS4.US.BETRUSTED.NET, which support the info from Wikipedia.

    Betrusted in turn is now Cybertrust; the base Vista distribution includes a
    root certificate issued by Cybertrust. Interestingly, there is a root
    certificate that's part of the standard Windows XP distribution from
    Cybertrust, which (unusual for a root certificate) includes a CRL link --
    and that CRL link ("www2.public-trust.com") maps to 64.18.25.45, which is
    also registered to Baltimore Technologies.

    My guess is that the OP is running an application whose executables are
    signed by a certificate issued by Betrusted, Cybertrust, or one of their
    relatives, and that the system is attemting to validate that certificate.
    Recall that the text (and colors) used in a UAC challenge window are
    different depending on whether the requesting executable is or is not
    validly signed.

    So...the request is probably legitimate, but refusing to approve the request
    for external access is probably harmless.

    Joe Morris

    Interesting research. Cybertrust subsequently also bought by Verizon
    Business.


    Verizon Business acquires Cybertrust
    http://www.networkworld.com/news/200...ybertrust.html

    I can spot a "GTE CyberTrust Global Root" certificate in my store which
    supposedly



    Protects e-mail messages
    Proves your identity to a remote computer
    Ensures the identity of a remote computer
    Ensures software came from software publisher
    Protects software from alteration after publication
    All issuance policies



    but I tend to work on the principle that if things work fine without these
    mysterious connections to information-gathering government-connected
    organizations, then there's no real need for them.


    --
    Jon

      My System SpecsSystem Spec

Page 1 of 3 123 LastLast

consent.exe
Similar Threads
Thread Forum
consent.exe Vista General
consent.exe Vista General
consent.exe not rendering Vista security
consent UI for administrative..... Vista security
Consent UI Vista performance & maintenance