Configuring Wireshark to ID Local Apps Downloading Thru svchost
Is there a way to config WIRESHARK to display apps/programs on my PC that are using svchost.exe to download. I have Win10 set to pause updates for a month and have configured as many apps as I can to not automatically download updates or backup data remotely, yet I just went thru over an hour where "something" downloaded 600MB via svchost. I have Norton 360 running and Malwarebytes and just ran both doing full system scan and all is "clean". I did run netstat -b in elevated cmd prompt but could not find culprit there (difficult to look through anyway). Thanks!