It is possible to run malware under a Windows Service and using a svchost process. It is very rare though and commonly used by rootkits and most made these days are well built to avoid detection (which includes performance degradation). More than likely the cause is negligent maintenance habits rather than malware.
Virtually any exe file can be made a service via the sc utility (although remote code execution to do this is very difficult to do). You can read the documentation on how to do it for utility purposes here:
Like I said if it's not located under system 32 it's most likely is a trojan (in disguise).
Just read the link I provided I had the same thing it's usually a mining trojan hogging cpu or gpu.
Ram usage could be merely a negligible side effect especially for those who have 8gb+, check the file's cpu usage but first and foremost check the file location it will give you a better indication.
[Edited by kingkob, 5/16/2015 5:00:45 PM]
* Updated game trainers and cheats daily
* Get notified when new cheats are added
* Request which games get new trainers
* Priority support with any problem