What is this strange redirect malware?

[polonus]

See here: http://sitecheck.sucuri.net/results/goldcentre.ru  and go to website details to see it redirects users to:http://www.google.com/images/url  so to
Set-Cookie: GSID=31c8d28f1a2396284f32b691be92a850; expires=Tue, 01-Oct-2013 21:57:34 GMT; path=/; domain=goldcentre dot ru
Location: htxp://www.google.com/url?sa=?q=how%20to&url=http%3A%2F%2
Note: This line has redirected the request to htxp://www.google.com/url?sa=?q=how%20to&url=http%3A%2F%2

The location line in the header above has redirected the request to: htxp://www.google.com/url?sa=?q=how%20to&url=http%3A%2F%2

( If this redirect is not what you expected it has to be cleared.) http://labs.sucuri.net/db/malware/malware-entry-mwhta7


http://sucuri.net   Quttera gets Normalized URL:
-http://goldcentre.ru
Last scan date:
 30-9-2013 23:41:05
Current status:
 Unreachable
See: http://urlquery.net/report.php?id=6124380  (also IP history with  ET TROJAN W32/Sality Executable Pack Digital Signature ASCII Marker IDS alert)
Malware closed or dead according to: http://support.clean-mx.de/clean-mx/viruses.php?ip=78.140.165.153&sort=id%20DESC

Any comments?

polonus

[Secondmineboy]

NO.

Trend Micro blocks this as malicious.
Benign by ZScaler.

[polonus]

Also flagged by Bitdefender TrafficLight: https://trafficlight.bitdefender.com/info?url=http://www.goldcentre.ru/
flagged at  https://malwr.com/analysis/NzdkYmZmNWUzNmQ0NGNmN2I1ZWQ0NDU3NzRhZTI3MjA/
and this http://www.threatexpert.com/report.aspx?md5=a78df2774ee768d61962ae458e8e7f22

polonus