The other day I noticed a lot of svchost connections when I had to browser open and was not getting a Windows update. I did block svchost with a third party FW , while watching the connections. Even though svchost showed blocked , it kept trying new IP address connections. Then while leaving it blocked, I tried to open some of my browsers and they did all open but without svchost allowed there was no internet connection. And so when you say svchost and browser is not blocked, do you mean by Windows firewall?