Hi Sandcraft, well, it's a couple of things I care about. The main thing for me is, how can I make this go away. I'm not sure whether the system restore will work for me but I'll give it a try.

The other things of course are

1) what IS this thing?
2) how was it deployed on my server?
3) how can I prevent it from appearing again.

It is important for me to get the "default" behavior back, because there are friends coming to my place and I don't want to tell them "turn around" all the time if they are near my computer and I have to enter my password.

What I did yet:

1) doublecheck the status of Windows update. It was set to automatic, only two updates where missing (Excel and PowerPoint apparently) -- I've installed them. MS Baseline is happy now.
2) tried two different Anti-Virus programs (AntiVir and NOD32) -- both did not help
3) tried a couple of Anti-Trojan programs (a², Windows Detector, Process Guard, ...)
4) tried nmap on my Linux server, showing me the used ports of my Windows machine -- nothing special.
5) tried Spy Bot Search and Destroy -- didn't find anything either.

I've also noted, that safe mode just hangs for me, it's not working.