Hi Guys,
we can confirm this - this is indeed happening with avast, and possibly with other proxy like apps - like proxies for removing adds, parental control apps and such. Localhost communication is not a network traffic per se - no packets are leaving your PC - so some developers prefer the simple user experience and others like the complete protection. Hence some firewalls choose to ignore local traffic and others filter it like any other connection. This is a surprise for Comodo, but rather expected for Windows Firewall, where simplicity was always important.
Windows firewall was originally intended for inbound protection only, and as such works great. It can be tweaked to handle localhost traffic and outbound protection as well - so this is not a problem with the underlining technology. Those who want to try tweaking it, please read the following post from Dch48 for nice suggestions.
You can use either Windows 7 Firewall Control, which superimposes an outbound monitor over the Win Firewall or another app called Windows Firewall Notifier which actually turns on the outbound filtering in the Windows Firewall and alerts you to connection attempts allowing you to decide whether they should be allowed or not. The advantage of WFN over W7FC is that WFN only runs when connection attempts happen and shuts back down after a decision has been made. If you desire, you can also set it to make seperate rules for each Windows service that uses svchost instead of just globally allowing svchost itself. The problem with the loopback still exists though. Personally I just use the Win Firewall in it's default state and the Avast Firewall set on auto-decide.
As the whole proxy based process of filtering connections brings some confusion (such as this) over time, we are planning to remove the proxy from future versions of avast and replace it with other techniques. Please stay tuned.
Lukas.
Edit: creding Dch48 properly. Thanks Charyb