Malware could reside here: htxp://helloskate.us/images/user/pesquisadorRFI.txt?¶=premmy35@gmail.com&tempo=600&checador=http://helloskate.us/images/user/checador.php&enviador=http://helloskate.us/images/user/enviador.txt
Wepawet thinks it is benign: http://wepawet.iseclab.org/view.php?hash=d7bc799b432dc774524623c93c7818d5&t=1300971096&type=js
Nothing detected at virustotal: http://www.virustotal.com/url-scan/report.html?id=d7bc799b432dc774524623c93c7818d5-1300967185
Listed on uribl black list
Here it was detected as PHP.Mailer-5: http://www.virustotal.com/file-scan/report.html?id=a7b2f5b42ee9f20880f116be9f5d70979d112b3d7e3a01564ff841a2918c9631-1291579905
Is this a FP or real PHP-malware?
Was followed up here: http://support.clean-mx.de/clean-mx/viruses.php?id=625647
Has been with us since 2008: hacker using webmail and script, see: http://web-robot-abuse.blogspot.com/2008/06/hacker-using-email-brancohatgmailcom.html
polonus