Redirect Removal - How to, Technology and PC Security Forum |
THREAT REMOVAL Redirect Removal

STF-topsecuritytabsearch-com-top-security-tab-search-imali-media-main-site-page is the primary web address of a browser hijacker. Imali Media Ltd. is the company creator of that unwanted program. An extension related to the hijacker, with similar capabilities, exists. Every search query you make will be filtered by this redirect and from the domain of another hijacker named SafeFinder. The unwanted software can alter your browser settings, and change the homepage, search engine, and new tab to Advertisements may show when you browse. To remove the hijacker and its files, you should read the whole article.

Threat Summary
TypeBrowser Hijacker, PUP
Short DescriptionAll browsers on your computer could be affected. The hijacker can redirect you and filter each of your searches.
SymptomsBrowser settings which are switched are the homepage, search engine and new tab, browser plugins and a toolbar. You could see third party content and advertisements.
Distribution MethodFreeware Installations, Bundled Packages
Detection Tool See If Your System Has Been Affected by


Malware Removal Tool

User ExperienceJoin Our Forum to Discuss – Delivery can use a few effective tactics for delivering itself to your browsers. Third-party installations are usually the main source. Software bundles, including freeware install setups, might place the hijacker inside your machine. By default, the setups might have additional components set for installing. Browser settings can be changed without prior notification, so the unwanted program can get inside your computer without you realize. Avoiding installations of that kind, you have to find a Custom or an Advanced setting menu in a setup. can get delivered to your computer system via advertising content, like banners, pop-ups and many other advertisement types, apparently. The hijacker could also be delivered through dubious websites which are hosting lots of redirecting links. These websites could be partnered up with Browsers that can be affected are: Google Chrome, Internet Explorer, Safari and Mozilla Firefox. – Analysis is the primary online domain and the search engine of a browser hijacker which has almost the same name – Top Security Tab. The company Imali Media Ltd. created it. That company is known to have produced many more browser redirect programs in the past. You can view more articles about Imali Media hijackers in our blog.

You can see a screenshot of the main web page here:


The page consists of just a search bar, links redirecting to different services, some of which are wrapped in as buttons. Some buttons are located below the search bar, and some other ones are on top of the page inside a toolbar. You can see that in the picture above this paragraph. Know that this page switches the search engine of all browsers you have on your PC, including the new tab setting, and the home page.

From the toolbar above, if you click on the “Repair Computer Errors” button, you will land on the following page:


That redirect is present in many more browsers and the Plus Network hijacker is a prime example of that. The ReImagePlus software, which is also known as ReImage Repair is a notorious rogue security program.

If any software related to is on your PC, or you have the related browser extension installed, then you will see many changes to your browsers. The extension can push advertisements, display more third-party content and land you on suspicious websites. Such sites could be partnered with


In the above image, you can see the search results page of You will notice that you get redirected to the one of Yahoo. More reputable search engines might begin showing the results of your searches from the unwanted redirect. That is a trick used so you might trust the redirect more. And this trick is effective as people still fall victim to such browser hijacker software. Each of your search queries will send data over the following redirect:


Via the Safe Finder service, the browser hijacker collects and transmits information about you to related servers of the redirect. The information is being stored there.

The search engines are inter-related somehow, and it is possible they disclose all information related to you between one another. They might be affiliates or partners. You should be very careful with their websites and search engines that mainly redirect users. Do not give your personal details to such websites. – Privacy Policy

The Privacy Policy of the site is that of the Imali Media Ltd company. The policy of Safe Finder is also active as you should have anticipated. The policies of both hijackers state that information is collected about you, because if you make any interaction with their sites is like giving them automatic permission for data collection. gathers both personally and non-personally identifying information. Partners and third parties can also receive all of that information, too.

You can preview the Privacy Policy of Imali Media right here:


According to the Policy, different types of information are being gathered.

Information, collected by Imali Media from each visitor:
  • Your IP (internet protocol) address
  • The type of browser you use
  • The time at which you visited the site
  • Which pages you visited throughout the site
Information you provide that can be collected:
  • Your name
  • Your email address
  • Country of origin
  • Your nickname
  • Telephone number
  • Website
  • Company
  • Job title
Information collected when you download and install the plugin:
  • Demographic information
  • Your gender
  • Your age
  • Occupation
  • Household income
  • Zip code
  • Your country
  • Mobile telephone number
  • Your E-mail address

As stated inside the policy, some of the information may also be obtained if you complete or fill a subscription form, questionnaire or any contest entry form.

Information collected automatically from the plugin:
  • Searches you perform using Imali Media domains
  • The ways in which you use various features
  • Pages you view on those domains
  • Page view count
  • Impressions and clicks

The information enumerated above, that is automatically gathered will be kept on servers of the Imali Media company and might get disclosed to their partners. The information will be acquired, when you enter the site of the hijacker from your browser and if you have the related plug-in set. Cookies accumulate that type of information.

Check the quote below, taken from the policy which is about the external links hosted on the site:

Our Site includes links to other third party Web sites (such as Google, Facebook, Youtube etc.) whose privacy practices may differ from those of Browsing Product. Our service may also be linked to sites or services operated by the Browsing Product affiliates or third parties, and may carry advertisements or offer content, functionality, games, rewards programs, newsletters, contests or sweepstakes, or applications developed and maintained by third parties including, any online store.

From the above quote it becomes apparent that Imali Media wants to say that whichever link, redirect or extra piece of content you come across, via their hijacker, is virtually not their fault. Despite that, the privacy policies of the sites which host the content will be active. Thus, those websites will be responsible for that content, if we accept that the statement from the above quote is true.

Do not click on anything hosted on those websites. Also, be careful whenever you use search engines, and what you seek for from search bars. Consider, that in this case the Safe Finder platform gathers further information about you and your online habits.

Remove Fully

To remove manually from your computer, follow the step-by-step removal guide provided below. In case the manual removal does not get rid of the hijacker and all of its files completely, you should search for and remove any leftovers with an advanced anti-malware tool. Such software can keep your computer secure in the future.

Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share