‘Disorderstatus.ru/order.php’ Pop-Ups

The 'Disorderstatus.ru/order.php' pop-ups are attempted attacks against your PC that have been blocked by your active security software. Although the 'Disorderstatus.ru/order.php' pop-ups ordinarily indicate a failure of the attack to follow-through, the threatening software responsible for the function still may be active, and may continue making attempts to contact the Disorderstatus.ru website. As a result, malware analysts always advise putting a halt to the 'Disorderstatus.ru/order.php' pop-ups by using anti-malware tools to scan your PC and delete the original threat.

The Downloads that aren't as Disorderly as They Might Appear

Unlike most pop-ups analyzed by malware experts, such as the '866-344-4315' Pop-Up or the 'Important Message' Pop-Up, the 'Disorderstatus.ru/order.php' pop-ups aren't Web browser-based messages. The 'Disorderstatus.ru/order.php' pop-ups are warnings from your native security products, including anti-virus suites and similar utilities that include features for blocking unwnted network activity. PC users without appropriate security tools may not see the 'Disorderstatus.ru/order.php' pop-ups, although the underlying attacks that cause them still may be taking place.

Most samples of the 'Disorderstatus.ru/order.ph' pop-ups and their associated environments may be caused by threatening software using Disorderstatus.ru as a domain for initiating non-consensual threat downloads. These Trojan downloaders may utilize native components of Windows, such as Msiexec.exe, to launch the Windows Installer program through command line arguments. Such attacks don't necessarily require visually displaying the command line, or any related applications. Consequentially, any unprotected PCs infected by these Trojans may be infected with an additional threat downloaded from Disorderstatus.ru (or one of its sub-domains).

Because this campaign is recent, with reported attacks as of August 2015, malware experts still are identifying all the threat actors involved in the attacks that are generating the 'Disorderstatus.ru/order.php' pop-ups. The eventual, intended payload has yet to have had its identity corroborated.

Bringing Order to a Trojan-Compromised PC

Most Trojan downloads with links to the 'Disorderstatus.ru/order.php' pop-ups also may include redundancy loops for reattempting any failed downloads. This feature may cause the 'Disorderstatus.ru/order.php' pop-ups to reappear regularly even if the attack is successfully blocked in each instance. However, closing security software generating the 'Disorderstatus.ru/order.php' pop-ups merely may leave the compromised PC open to a successful download and installation of other threats.

Since suppressing the symptoms of issues like the 'Disorderstatus.ru/order.ph' pop-ups may leave your PC at risk, malware experts recommend trying to identify and delete the original threat. Anti-malware products able to generate the 'Disorderstatus.ru/order.php' pop-ups also may be capable of scanning your PC. Those scans may find additional threats and remove them, although you may be required to do some additional procedures (such as restarting your computer in Safe Mode) for perfect accuracy.

Untrained PC users shouldn't remove software causing the 'Disorderstatus.ru/order.php' pop-ups by hand. Since many 'Disorderstatus.ru/order.php' pop-ups may be related to subverted Windows components, deleting the related program may force you to reinstall your OS. Allow your anti-malware products opportunities to detect and isolate any genuine threat pretending to be part of Windows.