I've built a .NET console application which worked fine for several years. Since November 23, it takes a huge amount of time to start (15 seconds) when run in production (it works fine when run from Visual Studio).
I've tried to trace back what is going on with Process Monitor (ProcMon) and I've found this pattern:
- App starts normally
- App loads
cryptnet.dll
- App goes to sleep and I see a series of
TCP Reconnect
messages where the machine tries to reach 206.53.176.17 through HTTP (which seems to be in Bermuda). - App queries info on
cryptnet.dll
- App tries to connect to 206.53.176.78 through HTTP.
After 15 seconds, everything starts working again (I see an access to crypt32.dll
as the first thing happening the the application continues its loading).
I am completely lost: the problem is not related only to my machine, but all colleagues how are using my tool experience the same issue. This seems to have something to do with Authenticode signature verfications done while the app is being loaded.
Indeed, when trying to view the Digital Signatures of the EXE through the Explorer, clicking on Details takes 15 seconds to view the "Digital Signature Details" panel (without any error). The issuer of the certificate is defined as:
CN = QV Schweiz ICA
OU = Issuing Certificate Authority
O = QuoVadis Trustlink Schweiz AG
C = CH
and it is still valid (message says "This digital signature is OK.").
Note: The root issuer of the certificate is http://www.quovadisglobal.bm/ which happens to be in Bermuda...