Google has removed paid links that advertised seemingly legitimate
Web sites but actually tried to install nefarious programs on PCs.

The links were displayed as “sponsored links” after visitors
entered specific queries into Google’s search service. Clicking the
links would ultimately go to a legitimate site, but by way of another
site that attempted a “drive-by installation” of password-stealing software. Miscreants placed the links using Google’s AdWords service for advertisers.

Continues at news.com.com