sucuri also see that redirect url. http://sitecheck.sucuri.net/results/yabies.com

Malware entry: MW:HTA:7. http://labs.sucuri.net/db/malware/malware-entry-mwhta7

GET / HTTP/1.1 Host: yabies dot com Referer: htxp://www.google.com/search?q=redirect+check1 HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 19 Aug 2013 17:02:26 GMT Location: [b]htxp://niu-sae.com/stats.php[/b] Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 413 Content-Type: text/html; charset=iso-8859-1 malicious