Description:
Web page contains a modification of the "ViewState" script that hides spammy links.
The script has multiple modifications where it changes the main function name: ViewState, xViewState, nemoViewState, zdrViewState, dnnViewState, dnnInit, xtrackPageview, versionsiphone, or may even use the same code without functions.
Here's the typical ViewState code:
function zdrViewState()
{
var a=0,m,v,t,z,x=new Array('9091968376','8887918192818786347374918784939277359287883421333333338896','9977918890','949990793917947998942577939317'),l=x.length;while(++a<=l){m=x[l-a];
t=z='';
for(v=0;v<m.length;){t+=m.charAt(v++);
if(t.length==2){z+=String.fromCharCode(parseInt(t)+25-l+a);
t='';}}x[l-a]=z;}document.write('<'+x[0]+' '+x[4]+'>.'+x[2]+'{'+x[1]+'}</'+x[0]+'>');}zdrViewState();
which translates to this hidden style declaration
<style undefined>.zdroq{position:absolute;top:-9999px}</style>
Affecting: Any web site (no specific target).