polonus
2
This in the code (snippet) almost immediately gives away its insecurity and that it could be potentially malicious and actually it is malicious here
==^^O31))^^nniuf+=string[\"from^^CharCode\"](eval(vq^vu^wg+h^fs^x[1*urnsnb]) +
^-broken by me, Pol
eval() may be abused in the pre-onload phase of the webpage,
therefore it is so vital that eval-generated js malcode is immediately blocked by the avast! Web Shield.
polonus