Severity scale:  

Remove AnarchyGrabber (Virus Removal Instructions) - Jun 2020 update

removal by Linas Kiguolis - - | Type: Malware

AnarchyGrabber is one of most recent Discord viruses that gathers account information from Discord users

AnarchyGrabberAnarchyGrabber – token stealer that targets Discord users for a while and now delivers the updated version of the virus. The trojan[1] is designed to gather details from the platform and send the collected tokens to remote servers. The function allows hackers to steal users' account details, mostly targeted at passwords.

AnarchyGrabber malware can evade detection, and modify client files, spread using hacker forums and YouTube videos with malicious links in descriptions, or even malspam campaigns. Once this virus appears on the computer it will disable 2FA and might even start sending the virus to the victim's friends. The virus can alter the JavaScript file of Discord and hide its purposes from antivirus tools, so the stealer is running for a while unnoticed. 

AnarchyGrabber virus can inject malicious code on other files and alter many system folders, startup preferences, files, disable programs, and features to keep the machine affected and use the resources for additional processes. The attack works when the user is opening the Discord that has a modified file. Recent versions revealed that it is capable of stealing passwords and disabling 2FA, spreading malware to friends and contacts of the victim.[2]

Malicious script is launched, and users' login information automatically gets delivered to a channel controlled by criminals. Such instances can lead to loss of information from all the servers, contacts, direct messages. Even further, hacked accounts can be sued to steal other users' tokens and spread additional or the same stealer malware. Anything involving such data-stealing threats can result in trojan, ransomware infections, and breaches.[3] Servers may store some valuable information and sensitive details about companies or individuals.

Name AnarchyGrabber
Type Malware/ account stealer
Danger This virus steals account details, passwords, logins, and deleted contacts, servers. Such activity can lead to privacy issues, identity theft, and other issues with sensitive data that can be accessed and obtained
Symptoms Particular symptoms cannot be noticed because malware infiltrates the machine and runs in the background silently
Affects Discord users
Distribution The payload is distributed via links on YouTube video descriptions, malicious hacker forum posts with links, spam email campaigns
Elimination AnarchyGrabber removal using anti-malware programs can help eliminate all possible malware infections and check for any other dangerous files and programs
Repair You need to think about damaged system files, affected programs, and other virus damage that the existence of the malware can create. Reimage Reimage Cleaner Intego or any similar system optimizer, PC repair tool can be useful for general performance improvements and fix virus damage without causing additional issues for you

 AnarchyGrabber is the malware that can be set to launch additional installations of malware like ransomware and trojans, so there are many other layers to this virus than the initial information stealer function. It is used to hack the machine and steal data from the computer directly, so the process that controls detection or security can be modified to help malware evade any AV detections.

When this AnarchyGrabber virus gets on the machine and connects to the modified Discord client commands can be sent by the attacker and once of these operations may trigger messages to all the contacts and spread malware to more targets or distribute the AnarchyGrabber3 itself.

Once the Discord client gets modified, AnarchyGrabber3 is no longer triggered. This is why all the malicious activities are not spotted and the removal of this virus gets difficult automatically. The modified version can steal plaintext passwords and use that information to conduct credential stuffing attacks, undermine accounts on other sites.

First of all, this newly updated Discord virus alters the idex.js JavaScript file that belongs to Discord clients, so the modified version creates a different process when the program is launched. Users' logins, passwords, and other information are gathered when the person tries to log in to the account it becomes hacked in seconds. Users' tokens get delivered to Discord channel that beings to cybercriminals so they can collect these details. 

AnarchyGrabber malware also can use this information to steal other account details by sending the direct payload of malware to users, trick them into installing other malware via direct messages and posting on chats, servers. There are additional functions that can be implemented with all the details stolen from users. 

Since malware evades detection, AnarchyGrabber removal is also difficult. You cannot notice any symptoms, and your account may work properly as previously without any issues or glitches, so you cannot be aware that hackers have anything to do with your account. Some generic performance issues and errors can indicate that there is malware installed on the machine:

  • you notice suspicious files or processes;
  • Task Manager shows unfamiliar processes and high usage of PC resources;
  • general slowness of the system;
  • common errors and crashes;
  • pop-up or errors appearing out of nowhere.

There are many functions that stealers like this have, even though this is a virus that targets the Discord platform.  You need to remove AnarchyGrabber as soon as possible. If you notice any suspicious behavior and run the anti-malware tool yourself, you may terminate the malware in advance and avoid any results that may happen after the infection like this.  AnarchyGrabber virusAnarchyGrabber is the program that hacks account credentials to infect other users' devices with the same virus via Discord DMs. Unfortunately, this is the question of timing. If you manage to notice AnarchyGrabber malware in early stages, you can avoid damage and further cleaning that involves repairing the system from virus damage. But when the threat steals passwords, credit card details, and other sensitive information your credentials may get missed to steal identities, make purchases, transactions. So victims lose money and files, get exposed to hackers. 

AnarchyGrabber virus is used to steal accounts, so it is possible that other functions re not implemented. If so, you need to secure the account of yours, clean the machine, and fix the damage that malware left after itself. To do so, you can use PC repair tools, system optimizers, and pretty much any reliable tool like Reimage Reimage Cleaner Intego that can at least check for affected files and corrupted programs. 

Do not open any shady links that you are not sure about. You can download malicious programs or files that contain a virus. If you get randomly logged out of the Discord app, you shouldn't log back in yourself. It is impossible to get the AnarchyGrabber without triggering something yourself, so your interference is needed.

Malware creators deliver their products with the help of hacker forums

It is known that virus developers distribute this program on the internet using malicious links and malware scripts. These methods involve links placed on YouTube video descriptions that criminals upload on the platform, posing as tons of different users and added on email notifications that pose as messages from companies and services. Hacker forums also contain links to those videos and direct links to a free file hosting pages with directly triggered downloads of malware.

Unfortunately, these torrent sites, pirating software developers, and other pages like this can deliver files injected with a malicious script. Or you can receive the email from the legitimate sender or the company that you normally trust and trigger the drop pf malware without even noticing.

Hackers get stealthier and stealthier, so you can't notice this infiltration yourself. You can try to avoid infections by running the AV tools more often and always choosing Advanced or Custom options during installations, going for legitimate sources only. When it comes to emails – delete any notifications that raise questions. If you do not expect the email delete it without even opening or checking the attachment.

Get rid of AnarchyGrabber virus form your machine with anti-malware tools

You may possibly deal with a more dangerous threat besides the AnarchyGrabber virus, so rebooting the system in Safe Mode can help with the fact that malware evades detection and can disable some security tools. Any virus that is installed behind your back can cause problems with performance and internet speed, so rely on automatic tools.

You should rely on SpyHunter 5Combo Cleaner or Malwarebytes for the AnarchyGrabber removal because there are many places where malware-related files can get hidden. There is no way to find the threat manually because there are no applications that could be installed to stop the information-stealer entirely.

Get a proper anti-malware tool that can detest[4] such malware and then remove AnarchyGrabber by clicking to scan the machine fully. The in-depth scan can check for malicious data and apps, remove them all from your device. Sometimes affected files and damaged functions can interfere with removal procedures and generals cleaning, so get Reimage Reimage Cleaner Intego or a similar PC repair tool/ system optimization application and fix virus damage.

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

To remove AnarchyGrabber, follow these steps:

Remove AnarchyGrabber using Safe Mode with Networking

Reboot the system in Safe Mode with Networking, so your Av tool can run properly on the machine, and AnarchyGrabber gets removed

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list Select 'Safe Mode with Networking'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window. Select 'Enable Safe Mode with Networking'
  • Step 2: Remove AnarchyGrabber

    Log in to your infected account and start the browser. Download Reimage Reimage Cleaner Intego or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete AnarchyGrabber removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Remove AnarchyGrabber using System Restore

System Restore can provide an additional option for the termination of this AnarchyGrabber malware

  • Step 1: Reboot your computer to Safe Mode with Command Prompt

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of AnarchyGrabber. After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with Reimage Reimage Cleaner Intego and make sure that AnarchyGrabber removal is performed successfully.

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from AnarchyGrabber and other ransomwares, use a reputable anti-spyware, such as Reimage Reimage Cleaner Intego, SpyHunter 5Combo Cleaner or Malwarebytes

Do not let government spy on you

The government has many issues in regards to tracking users' data and spying on citizens, so you should take this into consideration and learn more about shady information gathering practices. Avoid any unwanted government tracking or spying by going totally anonymous on the internet. 

You can choose a different location when you go online and access any material you want without particular content restrictions. You can easily enjoy internet connection without any risks of being hacked by using Private Internet Access VPN.

Control the information that can be accessed by government any other unwanted party and surf online without being spied on. Even if you are not involved in illegal activities or trust your selection of services, platforms, be suspicious for your own security and take precautionary measures by using the VPN service.

Backup files for the later use, in case of the malware attack

Computer users can suffer from data losses due to cyber infections or their own faulty doings. Ransomware can encrypt and hold files hostage, while unforeseen power cuts might cause a loss of important documents. If you have proper up-to-date backups, you can easily recover after such an incident and get back to work. It is also equally important to update backups on a regular basis so that the newest information remains intact – you can set this process to be performed automatically.

When you have the previous version of every important document or project you can avoid frustration and breakdowns. It comes in handy when malware strikes out of nowhere. Use Data Recovery Pro for the data restoration process.

About the author
Linas Kiguolis
Linas Kiguolis - Expert in social media

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Linas Kiguolis
About the company Esolutions

Removal guides in other languages

Your opinion regarding AnarchyGrabber