mail shield security exclusion pop-up

Hello
I have noticed these pop-ups from avast free and both the suite during it’s trial time just popping up out of nowhere.
I have made a screenshot of one of the pop-ups and uploaded it here http://i.imgur.com/wa8H9bW.png
now how would I go ahead to find out which process is causing these obviously illegitimate certificates to connect to a server that is unknown to me?
I am running the latest free version of avast (8.0.1489) on windows 7 ultimate 64 bit

http://www.avast.com/faq.php?article=AVKB91

thanks a lot for your effort to reply to my post but please notice that this error is not coming from a mail client but rather from avast itself. I should also add that when this pop-up appears there are no mail clients running on the machine.

do you use a mailclient to fetch your mail…or webmail?

do you use a torrent program?

See: http://forum.avast.com/index.php?msg=966898

yes I do use µtorrent at times and Thunderbird also has a place on this machine but none of those are running when these notifications pop up.
I also have no way to reproduce this pop-up and sometimes go several days without.

please see above reply to Pondus

then i guess next step is to check for any critters…

attach logs http://forum.avast.com/index.php?topic=53253.0

It seems some program uses the mail ports.
You’ll have to find out which program(s) is(are) running when this happens.

that is exactly what I am trying to do.

I already ran malwarebytes’ anti malware tool and used up the free trial period so I guess I will go ahead and run OTL with the settings suggested in that post? cheers.

Please do so.

I already ran malwarebytes' anti malware tool and used up the free trial period
it will still work as a free on demand scanner. ;) remeber to always update before you start a scan the pro version that give you a protection module and autoupdate is a one time fee for a lifetime license

I went and followed the guide step by step as described.
attached to this post you will find the logs provided by adwcleaner, malwarebytes and OTL.
for some odd reason OTL did only open one notepad window with a file called OTL.txt

I have manually obfuscated certain things like the username and the machine’s name.

What e-mail client do you use ?

please see my responses above regarding the e-mail client.

It is a programme using the e-mail ports to try and access that area could I see the extras text created by OTL as that lists port in use

as I stated in reply #11 there was no extras.txt

re-run OTL once more so we can re create the log, before you run the scan I need you to do this–> under the Extra Registry section please put a check mark in “All” then hit Runscan, when OTL is done scanning 2 logs will be generated, the first log will pop up in front of you, the second log will be mimized to the task bar down by the clock area, called Extras .txt please post that log.

Did you ever discover the cause of this? I’m getting the same kind of certificate warning for an obviously bogus domain.