hmmm I have completely uninstalled and am using ad-aware free as a stopgap. I will reinstall today, and follow ajax’s instructions. last chance dance I think. this has already taken way too much time

not that I’m not grateful for everyone’s help here and I agree there is no perfect solution…but not being able to send my IMAP email at all is too far from perfect for me - call me fussy!

I will update if reinstall etc is successful…

update: I have uninstalled, deleted default avast certs from TB, then exported & imported der cert file : huzzah imap and pop mail are working again…for now.

and I even have SSL scanning switched on!

hopefully I will not have any more issues - I don’t have 100% confidence as I thought it was working previously, and it suddenly stopped working - without any update so I have no idea what goes in the mind of avast!

Problem as described is more of a nuisance for me. True, it is not a constant issue on this Windows 7 64bit machine.
I took a look at Ccleaner’s Options settings and “excluded” Thunderbird from being cleaned. I also unchecked it in the “Applications” list. Tested on our 32bit Windows 7 laptop to see what is happening; does not happen so far. I have seen this with Thunderbird and Verizon in the past, btw. (Avast Free 2014 9.0.2008)

@helkav: If you have followed the instructions in my previous post, hopefully, you will have a working system. At least, in my case, it seems to work (although, sporadically, I have
some pop ups but my e-mails are delivered/received normally).

@jc836: I am not sure that you have made the right choice (i.e., regarding CCleaner). I am saying that because Thunderbird cleaning has nothing to do with the (imported)
certificates.

Note: I have observed that the majority (if not the totality) of those sporadically appearing pop-ups manifests right after a Windows resuming (e.g., after a secure screen saver), i.e.,
when the connection was lost and then reset.

@ajax
status update: all still working sweet ;D
fingers crossed this is a permanent fix

I would say to others that I had tried the various fixed involving certs etc perviously, but the combo of an uninstall/reinstall and then applying the fixes seems to have sorted everything out

fyi i have windows 7 64bit / TB 28.0a1 (Daily update version) / multiple accounts using both pop and imap

thanks to people on the forum, especially ajax for the help with sorting this out. where would we all be without forums like this?

I am glad that I might have helped . In any case, please also consider my notes in my posts.

Regarding Thunderbird, I have version 24.1.0. Also, when dealing with Mozilla projects (Firefox, etc) it is advisable to perform a clean uninstall, as I have described it, first.

Avax_7:
I was testing the notion that Ccleaner might indeed impact the settings for Thunderbird 24.0.1. I will retry using it as it has never been harmful before.

@Avax
You said “if possible”–not all my accounts are IMAP, some are pop3 and I have local folders, plus Lightning installed both with Google and local calendars. Will I be able to keep my data if I uninstall as you indicated?

No -what I wrote is for a clean uninstall (i.e., nothing will be left). So, before you do that, consult these:
https://support.mozillamessaging.com/en-US/kb/moving-thunderbird-data-to-a-new-computer
http://kb.mozillazine.org/Thunderbird_:_FAQs_:_Migration

I hope I have not led to a misunderstanding as to my solution. I get the feeling I might have from the last few posts Here is exactly what I did:

• I did not uninstall Thunderbird, just Avast
• used a reg tool to find and delete all data in the registry with avast in them
• reinstalled Avast
• deleted the certs from Thunderbird,
• exported a .der cert file
• imported the .der cert file into thunderbird

after the above all my mail accounts are working even with SSL scanning turned on

ARGH! I spoke too soon. it’s back; can’t send imap emails again ; getting THAT popup from Avast.

…I did try to open safezone in the meantime (it sort of hung) obviously that SHOULDNT affect my
email client, but I’m really running out of ideas now…I guess I’ll have to try to uninstall Thunderbird

my supply of patience with this is almost out…

I am sorry but you did not read carefully the steps I mentioned in my previous posts… I wrote about uninstalling Thunderbird and not Avast!

I ended up doing something else (which maybe I didn’t need to do all of, but it was less trouble than uninstalling/reinstalling TB). I did reinstall Avast (that’s the part I probably didn’t need to do). And I found a troubling post.

I found a post that led me to this, which refers to 8 not 2014, but it seemed to work. I don’t know if it makes any difference, but I exported the certificate this way instead of using the Export button. I also checked the “Trust this CA to identify websites” as it says there when importing into TB (which I hadn’t done before because I wasn’t sure whether and what to check).
http://www.avast.com/faq.php?article=AVKB91#artTitle

I still don’t quite understand that after looking at this, which I’d found first. That said to check the “Trust this CA to identify email users.” Granted, not talking specifically about Avast, but I’d like to understand if someone can explain (i.e. the difference between websites and email users in this context).
http://wiki.cacert.org/FAQ/BrowserClients#Installing_the_CRL

This is the troubling post: https://lelutin.ca/posts/avast_conducts_MitM_attack_on_users_and_encourages_bad_security_practices/

I’m not sure about the fingerprints on the imported certificate, either.

However, with SSL Scanning enabled, I don’t get the Avast popups any longer and it appears that the emails are being scanned (based on what is in the email headers X-Antivirus and X-Antivirus-status).

Once again, the http://www.avast.com/faq.php?article=AVKB91#artTitle is something which I quoted in my previous posts. Nevertheless, the guidelines there refer to an older version of Avast!, they produce a different certificate (.cer) and, as the practice showed, they did not work. On the other hand, the procedure described in my previous post is suited to the newer version of Avast! and seems (fingers crossed) to work pretty good.

I spent most of the past day wrestling with this beast, until in desperation I decided that there might be someone else running into this nightmare, so, a brief web search brought me to this thread.

I’ve already tried much of what’s been suggested here – lost track of how many times I followed the friendly advice in the popup telling me to export the certificate and import it into Thunderbird. Tried every imaginable permutation of twiddling with the certificate after importing it (the fact that when I looked at it it told me it was NOT trusted wasn’t very comforting). Told Thunderbird to accept it. Tried checking the box for making it work on email. Tried checking all three of the boxes. No joy.

I’ve been using Avast! Free for years without this grief. It was only when I upgraded to Version 9/2014 that the “fun” began.

Frankly, I’m just not up for uninstalling Thunderbird and then hoping I’d managed to avoid wiping out many years of content in the process – or, at best, spending a nontrivial portion of my life reclaiming it. Nor am I excited by the fifty miles of step-by-step instructions found here: http://www.avast.com/en-eu/faq.php?article=AVKB91

After plodding through about a quarter of that page my eyes were glazed over and all I could think was that you gotta be kidding me. I mean, this sort of intricate “don’t make one wrong move” drudgework is what computers are FOR. (Speaking solely as a retired programer/tech writer and “formerly famous person” now a disabled old fart.)

OK, I can admit when I’m beaten.

So how do I "down"grade to Version 8? I searched my drives, found two incarnations of Ver 7 and one of Ver 9, but that’s it. All my other upgrades have been done via the in-program upgrade process, which, being consigned to uber-rural USA where I am stuck with dialup modem access, has always been less than enjoyable.

I have nosed around the Avast site and can not find any way to download Version 8. I have not yet looked at filehippo. If there’s anything there, can it be trusted? I am generally loath to trust software obtained from other than vendor-site.

In looking at this thread, and some of the other instances of people running into this not-so-small taste of hell, it seems there are a LOT of people wrestling with this, and, it’s been going on for what seems like quite some time.

I initially went with Avast because after researching every AV product I could find, it was the only one that was truly solid, void of bloatware (the big name retail products seemed the worst in that regard) and in general, truly elegant. I’m now starting to worry.

What worries me the most is the lack of any official statement on the problem, steps being taken to resolve it, any carrot of hope at all. The silence, as they say, is deafening.

Can anyone tell me how I can get back to version 8 and resume what’s left of my life?

@too old… I couldn’t agree with you more

I tried a more minimalist approach to the uninstall/reinstall TB suggestion - I renamed the cert8.db file to cert8.db.old and restarted TB
this has the effect of resetting all security exceptions. so far (touch wood and keeping everything crossed) this seems to have worked

I didn’t post as a solution because I have thought I was in the nirvana or being able to send emails without reprogramming my entire bleeping OS before, and look where that got me

at the moment I have no popups and can send/receive pop/imap and have SSL scanning on - I’m using Avast Internet Security

if you try this and it doesn’t work - because I don’t expect a consistent solution at this stage…post back here - I bet I have a version 8 of avast lying around somewhere (I’m a bit of a hoarder in that respect)

even so I would say: over to you Avast - you REALLY need to see how much palaver this upgrade is causing, and come up with a consistent solution

Thanks for your post helkav! It works!
One remark, the cert8.db is located in the %appdata% folder on Win7 systems and after renaming, you’ll have to accept the certificates for all your e-mail providers again. After doing so the message is gone.

@too old @helkav @smartin

I also agree (also too old for this and the many other things that have broken and shouldn’t have). I have 15 TB accounts plus local folders and 3 calendars and I don’t want to uninstall TB either.

An update to what I previously wrote, I have gotten a few warning popups since doing what I did (1-2x when I closed TB, which it was doing each time I closed TB before, and once in a while otherwise), but for the most part I can get/send email and the Avast blurb shows up at the end of the message and headers.

Sorry, I have to reply again, but the message is back. This only after resuming from hibernation, as far as I could work it out. Sending and receiving mails is working fine, all mails are scanned. What about you, is it the same on your side?

@smartin no still working touch wood and pray to all the bird-gods of thunder etc etc

I am using TB Daily (bleeding edge version of TB i.e. daily updates)

I will go back to release & earlybird and see if the problem exists on them…can’t see why they would, but this issue is currently defying all logic

hopefully I amn’t asking for trouble by testing out the earlier versions…oh well wish me luck - here goes…