DavidR
5
Svchost.exe, in case you aren’t aware is also used to connect to do windows updates and these connections would also be http. So you would have to make an appropriate rule for that.
Since you checked the “only connect to well known browsers” the avastSvc.exe (web shield) shouldn’t be monitoring this.
So the popups for svchost.exe are unrelated to avast as far as I’m aware.