I've managed to replicate this issue of an svchost.exe (probably a malware or bitcoin mining piggyback.
This service always start on logon and has been utilizing 75% of my CPU usage on 3 threads. (25% each)
Can anyone make sense of it? I have a workaround where I create a SVCHOST.EXE folder in the windows temp, but every time I clear my Temp files it issue comes back again.