I've recently blogged about adding TLS support to Emacs 24.5 on Windows and improving git performance on Windows by installing an alternative git command line client. The reason I ended up investigating how to add SSL and TLS support to Emacs is that when I originally upgraded from the official git Windows client to the Git for Windows build, I ended up with non-working TLS support in Emacs.
I've blogged about improving the performance of Git on Windows in the past and rightly labelled the suggested solution as a bad hack because it requires you to manually replace binaries that are part of the installation. For people who tend to use DVCSs from the command line, manually replacing binaries is unlikely to be a big deal but it's clunky and should really be a wakeup call for some people to include a newer base system.
The Windows build of Emacs 24.5 doesn't ship with SSL and TLS support out of the box. Normally that's not that much of a problem until you are trying to access marmalade-repo or have org2blog talk to your own blog via SSL/TLS.
tl;dr - avast's web shield functionality appears to insert itself into SSL connections using a self signed trusted root certificate and a simple kind of man-in-the middle "attack" on SSL. I would recommend you turn off web shield's https scanning or choose another virus scanner.