Sounds like it's triggered by something else, such as the Windows equivalent of a cron job, but it runs much longer if you have a username with the substring "user".

Yes, the DLL mentioned is related to the built-in task called "Disk Footprint."

Or, they always check the username for "user", but such a check only sometimes causes high CPU load.

Do you seriously think they're 'checking the username for "user"'? I wish all bugs were as straightforward.

They could be. If they have some OO Set of substrings that they check a composite login credentials string for then it is possible to accidentally have state that depends on the order of Set iteration.

Quite a few systems use the "bung all options into one configuration string, then have it parsed by this argument parser" method. And it is a reasonable method to use.

I'm guessing something there is interpreting the substring "user" as special - I'm thinking of the kind of bugs like if you type "NULL" in the textfield you'll fuck up the website, etc. Happens when people don't keep their interpreted and non-interpreted data straight.