Description Screenshot is a fake news and search engine site that uses its seemingly-benign appearance as an excuse to direct traffic to self-serving links (such as Pay-Per-Click frauds). As a clone of, offers similar dangers to unwary visitors, such as browser hijackers that take over your web browser. If your web browser redirects itself to, your PC is infected by a browser hijacker and malware researchers recommend that you scan your computer immediately to remove this PC threat. However, even a few seconds of non-interactive contact with can be a source of additional attacks, and so you should even take accidental contact with as a potentially-serious invasion of your computer's security.

Why is Keen on Finding Bad Sites for You to Visit

Upon initial inspection, looks like an extremely-handy website for finding news articles and other websites. However, any efforts to use's features will immediately let you know the same thing that malware researchers have discerned – that will only provide links to irrelevant, advertisement-filled and possibly-malicious websites. Visits to may also result in drive-by-download attacks that can install anything from tracking cookies to browser hijackers, and's affiliates should be considered equally-untrustworthy.

Since traffic is unlikely to come to willingly, has compensated for this in the same fashion as – by using browser-redirecting Trojans to force traffic to come to itself. Trojans that are capable of redirecting your browser to may also block PC security sites, create fake error messages, interfere with your browser's settings or generate pop-ups. The presence of a Trojan that's capable of browser hijacks is also a high-level security risk, since such Trojans often have other functions (such as disabling security software or changing firewall settings).

Dulling's Edge for Fraudulent Marketing

Removing a browser hijacker for should always entail the usage of good PC security software if you have access to such programs, since Trojans are likely to conceal files in sensitive locations and may even use the names of normal Windows components. Browser redirects to can affect all major brands of web browsers, and you should never try to get rid of a browser hijacker by deleting your web-browsing application.

However, competent security software can delete browser hijackers for without any long-term harm for your PC. Using Safe Mode or another technique to disable the Trojan in the first place may be required before all of the infected components can be removed. Until that time, malware researchers warn that you should be careful to avoid any redirects to, which can reinfect your PC and force you to restart the disinfection from scratch.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINESOFTWAREClassesKeenFinderIEHelper.DNSGuardCLSIDHKEY_LOCAL_MACHINESOFTWAREClassesKeenFinderIEHelper.DNSGuardHKEY_LOCAL_MACHINESOFTWAREClassesKeenFinderIEHelper.DNSGuard.1HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}VersionIndependentProgID "KeenFinderIEHelper.UrlHelper"HKEY_LOCAL_MACHINESOFTWAREClassesKeenFinderIEHelper.DNSGuardCurVerHKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}ProgID "KeenFinderIEHelper.UrlHelper.1?HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} “UrlHelper Class”HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar “KeenFinder Toolbar”HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{99079a25-328f-4bd4-be04-00955acaa0a7} "KeenFinder KeenFinder Toolbar"HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}InprocServer32 "C:PROGRA~1WINDOW~4ToolBarKeenFinderdtx.dll"HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7} "KeenFinder Toolbar"
Posted: December 14, 2011

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.