AnarchyGrabber (Virus Removal Instructions) - Jun 2020 update

AnarchyGrabber Removal Guide

What is AnarchyGrabber?

AnarchyGrabber is one of most recent Discord viruses that gathers account information from Discord users

AnarchyGrabberAnarchyGrabber virus is the information stealer that targets Discord accounts. AnarchyGrabber – token stealer that targets Discord users for a while and now delivers the updated version of the virus. The trojan[1] is designed to gather details from the platform and send the collected tokens to remote servers. The function allows hackers to steal users' account details, mostly targeted at passwords.

AnarchyGrabber malware can evade detection, and modify client files, spread using hacker forums and YouTube videos with malicious links in descriptions, or even malspam campaigns. Once this virus appears on the computer it will disable 2FA and might even start sending the virus to the victim's friends. The virus can alter the JavaScript file of Discord and hide its purposes from antivirus tools, so the stealer is running for a while unnoticed.

AnarchyGrabber virus can inject malicious code on other files and alter many system folders, startup preferences, files, disable programs, and features to keep the machine affected and use the resources for additional processes. The attack works when the user is opening the Discord that has a modified file. Recent versions revealed that it is capable of stealing passwords and disabling 2FA, spreading malware to friends and contacts of the victim.[2]

Malicious script is launched, and users' login information automatically gets delivered to a channel controlled by criminals. Such instances can lead to loss of information from all the servers, contacts, direct messages. Even further, hacked accounts can be sued to steal other users' tokens and spread additional or the same stealer malware. Anything involving such data-stealing threats can result in trojan, ransomware infections, and breaches.[3] Servers may store some valuable information and sensitive details about companies or individuals.

Name AnarchyGrabber
Type Malware/ account stealer
Danger This virus steals account details, passwords, logins, and deleted contacts, servers. Such activity can lead to privacy issues, identity theft, and other issues with sensitive data that can be accessed and obtained
Symptoms Particular symptoms cannot be noticed because malware infiltrates the machine and runs in the background silently
Affects Discord users
Distribution The payload is distributed via links on YouTube video descriptions, malicious hacker forum posts with links, spam email campaigns
Elimination AnarchyGrabber removal using anti-malware programs can help eliminate all possible malware infections and check for any other dangerous files and programs
Repair You need to think about damaged system files, affected programs, and other virus damage that the existence of the malware can create. FortectIntego or any similar system optimizer, PC repair tool can be useful for general performance improvements and fix virus damage without causing additional issues for you

AnarchyGrabber is the malware that can be set to launch additional installations of malware like ransomware and trojans, so there are many other layers to this virus than the initial information stealer function. It is used to hack the machine and steal data from the computer directly, so the process that controls detection or security can be modified to help malware evade any AV detections.

When this AnarchyGrabber virus gets on the machine and connects to the modified Discord client commands can be sent by the attacker and once of these operations may trigger messages to all the contacts and spread malware to more targets or distribute the AnarchyGrabber3 itself.

Once the Discord client gets modified, AnarchyGrabber3 is no longer triggered. This is why all the malicious activities are not spotted and the removal of this virus gets difficult automatically. The modified version can steal plaintext passwords and use that information to conduct credential stuffing attacks, undermine accounts on other sites.

First of all, this newly updated Discord virus alters the idex.js JavaScript file that belongs to Discord clients, so the modified version creates a different process when the program is launched. Users' logins, passwords, and other information are gathered when the person tries to log in to the account it becomes hacked in seconds. Users' tokens get delivered to Discord channel that beings to cybercriminals so they can collect these details.

AnarchyGrabber malware also can use this information to steal other account details by sending the direct payload of malware to users, trick them into installing other malware via direct messages and posting on chats, servers. There are additional functions that can be implemented with all the details stolen from users.

Since malware evades detection, AnarchyGrabber removal is also difficult. You cannot notice any symptoms, and your account may work properly as previously without any issues or glitches, so you cannot be aware that hackers have anything to do with your account. Some generic performance issues and errors can indicate that there is malware installed on the machine:

  • you notice suspicious files or processes;
  • Task Manager shows unfamiliar processes and high usage of PC resources;
  • general slowness of the system;
  • common errors and crashes;
  • pop-up or errors appearing out of nowhere.

There are many functions that stealers like this have, even though this is a virus that targets the Discord platform. You need to remove AnarchyGrabber as soon as possible. If you notice any suspicious behavior and run the anti-malware tool yourself, you may terminate the malware in advance and avoid any results that may happen after the infection like this. AnarchyGrabber virusAnarchyGrabber is the program that hacks account credentials to infect other users' devices with the same virus via Discord DMs. Unfortunately, this is the question of timing. If you manage to notice AnarchyGrabber malware in early stages, you can avoid damage and further cleaning that involves repairing the system from virus damage. But when the threat steals passwords, credit card details, and other sensitive information your credentials may get missed to steal identities, make purchases, transactions. So victims lose money and files, get exposed to hackers.

AnarchyGrabber virus is used to steal accounts, so it is possible that other functions re not implemented. If so, you need to secure the account of yours, clean the machine, and fix the damage that malware left after itself. To do so, you can use PC repair tools, system optimizers, and pretty much any reliable tool like FortectIntego that can at least check for affected files and corrupted programs.

Do not open any shady links that you are not sure about. You can download malicious programs or files that contain a virus. If you get randomly logged out of the Discord app, you shouldn't log back in yourself. It is impossible to get the AnarchyGrabber without triggering something yourself, so your interference is needed.

Malware creators deliver their products with the help of hacker forums

It is known that virus developers distribute this program on the internet using malicious links and malware scripts. These methods involve links placed on YouTube video descriptions that criminals upload on the platform, posing as tons of different users and added on email notifications that pose as messages from companies and services. Hacker forums also contain links to those videos and direct links to a free file hosting pages with directly triggered downloads of malware.

Unfortunately, these torrent sites, pirating software developers, and other pages like this can deliver files injected with a malicious script. Or you can receive the email from the legitimate sender or the company that you normally trust and trigger the drop pf malware without even noticing.

Hackers get stealthier and stealthier, so you can't notice this infiltration yourself. You can try to avoid infections by running the AV tools more often and always choosing Advanced or Custom options during installations, going for legitimate sources only. When it comes to emails – delete any notifications that raise questions. If you do not expect the email delete it without even opening or checking the attachment.

Get rid of AnarchyGrabber virus form your machine with anti-malware tools

You may possibly deal with a more dangerous threat besides the AnarchyGrabber virus, so rebooting the system in Safe Mode can help with the fact that malware evades detection and can disable some security tools. Any virus that is installed behind your back can cause problems with performance and internet speed, so rely on automatic tools.

You should rely on SpyHunter 5Combo Cleaner or Malwarebytes for the AnarchyGrabber removal because there are many places where malware-related files can get hidden. There is no way to find the threat manually because there are no applications that could be installed to stop the information-stealer entirely.

Get a proper anti-malware tool that can detest[4] such malware and then remove AnarchyGrabber by clicking to scan the machine fully. The in-depth scan can check for malicious data and apps, remove them all from your device. Sometimes affected files and damaged functions can interfere with removal procedures and generals cleaning, so get FortectIntego or a similar PC repair tool/ system optimization application and fix virus damage.

do it now!
Fortect Happiness
Intego Happiness
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Fortect Intego, submit a question to our support team and provide as much details as possible.
Fortect Intego has a free limited scanner. Fortect Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Fortect, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

Getting rid of AnarchyGrabber. Follow these steps

Manual removal using Safe Mode

Reboot the system in Safe Mode with Networking, so your Av tool can run properly on the machine, and AnarchyGrabber gets removed

Important! →
Manual removal guide might be too complicated for regular computer users. It requires advanced IT knowledge to be performed correctly (if vital system files are removed or damaged, it might result in full Windows compromise), and it also might take hours to complete. Therefore, we highly advise using the automatic method provided above instead.

Step 1. Access Safe Mode with Networking

Manual malware removal should be best performed in the Safe Mode environment. 

Windows 7 / Vista / XP
  1. Click Start > Shutdown > Restart > OK.
  2. When your computer becomes active, start pressing F8 button (if that does not work, try F2, F12, Del, etc. – it all depends on your motherboard model) multiple times until you see the Advanced Boot Options window.
  3. Select Safe Mode with Networking from the list. Windows 7/XP
Windows 10 / Windows 8
  1. Right-click on Start button and select Settings.
  2. Scroll down to pick Update & Security.
    Update and security
  3. On the left side of the window, pick Recovery.
  4. Now scroll down to find Advanced Startup section.
  5. Click Restart now.
  6. Select Troubleshoot. Choose an option
  7. Go to Advanced options. Advanced options
  8. Select Startup Settings. Startup settings
  9. Press Restart.
  10. Now press 5 or click 5) Enable Safe Mode with Networking. Enable safe mode

Step 2. Shut down suspicious processes

Windows Task Manager is a useful tool that shows all the processes running in the background. If malware is running a process, you need to shut it down:

  1. Press Ctrl + Shift + Esc on your keyboard to open Windows Task Manager.
  2. Click on More details.
    Open task manager
  3. Scroll down to Background processes section, and look for anything suspicious.
  4. Right-click and select Open file location.
    Open file location
  5. Go back to the process, right-click and pick End Task.
    End task
  6. Delete the contents of the malicious folder.

Step 3. Check program Startup

  1. Press Ctrl + Shift + Esc on your keyboard to open Windows Task Manager.
  2. Go to Startup tab.
  3. Right-click on the suspicious program and pick Disable.

Step 4. Delete virus files

Malware-related files can be found in various places within your computer. Here are instructions that could help you find them:

  1. Type in Disk Cleanup in Windows search and press Enter.
    Disk cleanup
  2. Select the drive you want to clean (C: is your main drive by default and is likely to be the one that has malicious files in).
  3. Scroll through the Files to delete list and select the following:

    Temporary Internet Files
    Recycle Bin
    Temporary files

  4. Pick Clean up system files.
    Delete temp files
  5. You can also look for other malicious files hidden in the following folders (type these entries in Windows Search and press Enter):


After you are finished, reboot the PC in normal mode.

Remove AnarchyGrabber using System Restore

System Restore can provide an additional option for the termination of this AnarchyGrabber malware

  • Step 1: Reboot your computer to Safe Mode with Command Prompt
    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of AnarchyGrabber. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with FortectIntego and make sure that AnarchyGrabber removal is performed successfully.

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from AnarchyGrabber and other ransomwares, use a reputable anti-spyware, such as FortectIntego, SpyHunter 5Combo Cleaner or Malwarebytes

How to prevent from getting malware

Do not let government spy on you

The government has many issues in regards to tracking users' data and spying on citizens, so you should take this into consideration and learn more about shady information gathering practices. Avoid any unwanted government tracking or spying by going totally anonymous on the internet. 

You can choose a different location when you go online and access any material you want without particular content restrictions. You can easily enjoy internet connection without any risks of being hacked by using Private Internet Access VPN.

Control the information that can be accessed by government any other unwanted party and surf online without being spied on. Even if you are not involved in illegal activities or trust your selection of services, platforms, be suspicious for your own security and take precautionary measures by using the VPN service.

Backup files for the later use, in case of the malware attack

Computer users can suffer from data losses due to cyber infections or their own faulty doings. Ransomware can encrypt and hold files hostage, while unforeseen power cuts might cause a loss of important documents. If you have proper up-to-date backups, you can easily recover after such an incident and get back to work. It is also equally important to update backups on a regular basis so that the newest information remains intact – you can set this process to be performed automatically.

When you have the previous version of every important document or project you can avoid frustration and breakdowns. It comes in handy when malware strikes out of nowhere. Use Data Recovery Pro for the data restoration process.

About the author
Linas Kiguolis
Linas Kiguolis - Expert in social media

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Linas Kiguolis
About the company Esolutions

Removal guides in other languages