New Internet Explorer Attack by “Integrated Search Technologies” Works Even if IE is Closed!

The Internet Patrol - Patrolling the Internet for You


A new type of attack on Internet Explorer has been discovered this week, and this attack works even if IE is closed! The way that it works is that a user visits an infected site, is given a pop-up window asking them to install an applet from Integrated Search Technologies, and if they agree, the applet downloads and installs a ton of spyware, which in turn opens up Internet Explorer and starts doing its thing.

According to Christopher Boyd of, the attack works regardless of whether Internet Explorer is open or closed, and regardless of IE’s security settings.

Now, there are reasons to hope that this attack won’t gain much traction, not the least of which is that the user is first prompted to install the applet, and one would hope that most users won’t do so. The installation prompt message even says that security certificate for the applet was issued by a company that is not trusted, and that the Integrated Search Technologies certificate has expired or is otherwise not valid.

Still, it is aimed at end users, who are by and large a trusting bunch, and who are occasionally known to click first and ask questions later. Plus, the Integrated Search Technologies attack applet has been showing up on sites which seem the height of innocence, including a Neil Diamond site.

The bottom line? If an Integrated Search Technologies applet comes a’knocking at your door, don’t answer.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

13 thoughts on “New Internet Explorer Attack by “Integrated Search Technologies” Works Even if IE is Closed!

  1. I just went to the site and sent them the following Abuse Report, after their sh*t faked its way onto my computer a few times pretending to be other files: “Someone, in your name, is intercepting searches across Shareaza, Gnutella, G2, and other P2P file sharing networks for all files, and returning mass numbers of false positive search hits which are really fraudulent versions of your Adware toolbar download. This practice will make you liable to class-action lawsuits representing hundreds of thousands of victimized users, if you allow it to continue. It also may subject IST to federal and state criminal penalties for electronic fraud, malicious hacking, deceptive practicies, and other issues. I suggest you act to put a stop to it, before the online community does. In the current legal climate, P2P users would take great delight in shutting down IST, as some sort of vicarious “revenge” against you, for recent action by the music/recording industry. There is no question that the corruption of legal P2P search/indexing mechanisms by IST toolbar spam, masquerading under false pretenses as other files, is a violation of the law, and there appear to be thousands of counts of this on which to base a prosecution.”

  2. use ms antispyware beta after uninstalling each add on from add and remove programs. reboot and scan again. it works!

  3. here is free site with click to remove it from your computer (by people who make norton antivirus ware-you don’t have to have any anti-virus ware to use this–i just did it- takes a long time-but worth it)
    here is link ro remove the integrated technologies

  4. Searching and loading of ie pages was so sloow this morning. I knew something was wrong. Sure enough had this and media pass.

  5. further comment by h. I have running NAV updated weekly, BlackIce Defender, and Adware Filter Protection, WHICH JUST RECENTLY ACQUIRED/SHIFTED SOME NEW PROGRAMS AND IS STILL PRESENTLY SUSPECT. Am checking blackice and Norton for further info.

  6. I had integrated service technologies detected and quarantined by Adware Filter Protection, but it obscured the info in quarantine box. Then detected haldex?sp and quarantined it. Then Adware Filter detected slotch” presence. These may be working together to defeat anti-devices. See google or McAfee & type in integrated service technologies etc for some info. Sending info to Adware Filter Protector. Woulnd be surprised if Integrated Service Tech. is contractor for spying on citizens. Put them out of business now!

  7. so how do you get rid of it? my computer just detected it the other day… and now I don’t know what to do.

  8. Every system that I own or work on is running Lars Hederers ERUNT which backs up the registry each time the system boots.One of its strengths is the ability to evict this kind of slimeware in less than two minutes by restoring to yesterday’s registry.
    Check it out –

  9. The reason for these problems is your secutity tools are working against each other. I used to do as you did but then an expert pointed out the problem. I now run live use MS ant-spy zonealarm Pro and nortons antivirus. Off line clean with s&d and adware6. The only tool other than this is a clean reg

  10. I was attacked by this on the 6th of February through both Opera and Firefox. And even though I had several security tools running(NAV, WinPatrol, SB-S&D TeaTime, PrevX IDS-IPS,M$ AS beta, and SpyWare Blaster&Guard), it still managed to load several things before security shut it down. The JAVA security warning came up, and I said “no thanks”, but got nailed anyway. Took several cleaning sessions to get rid of it all.
    Next time, it will be “shut off the modem” and/or log off.

Leave a Reply

Your email address will not be published. Required fields are marked *