I've had 'System Mechanic' on my computer for awhile and it works great. It's a great complement to Norton. Every now and then I get a popup from them about adding more time to my account with them. The popup is not the real problem but getting rid of it is. There's no close button on it, so I go to task manager to delete it. On task manager it's displayed as 'Activebridge' so I close it by 'ending task' for it.
What I would like to know is Activebridge a virus or trojan? If so, how do I get rid of it?
Hello rickles1948. Answering your initial question regarding ActiveBridge.exe. This article explains the process, and states it is owned by iolo which makes System Mechanic. That being said, malware CAN disguise itself as a legitimate process, although this file isn't a Windows system file it can cause issues. To be safe, I would NEVER run an antiviral program with another vendor set of tools. Most especially a set of tools having a registry cleaning tool. That is asking for issues to happen and they can be huge ones. One exception is Malwarebytes which detects things Norton will not concentrate on.
To detect a possible malware scenario, I always suggest downloading and running RKill which is a nice utility that will detect malicious processes other software may miss, terminate those processes and report that you can now run A/V to clean the system. I then suggest running a full scan with an install of Malwarebytes. Last, but not least a full system scan with Norton (if you have Norton installed). Give these a shot to make certain you are 100% clean. Let us know what your results are if you'd be so kind.
Filename: ActiveBridge.exe
Full Path: C:\Program Files\iolo technologies\System Mechanic\ActiveBridge.exe
Developers
iolo technologies, LLC
Version
19.0.1.31
Identified
7/30/2019 at 5:24:51 PM
Last Used
Not Available
Startup Item
No
Many Users
Tens of thousands of users in the Norton Community have used this file.
New
This file was released 11 days ago.
Good
Norton has given this file a good rating.
Source File: ActiveBridge.exe
File Thumbprint - SHA:
bfad6ca5253ef2c7e9f64e810a95f31c7c8161fba6bffe315485aa419bd0135e
File Thumbprint - MD5:
e071bf97d038e8448edb8fbc3279849b
If you're certain that the pop-up is associated with the Activebridge process listed in your Task Manager, have you uploaded the activebridge.exe file to VirusTotal for analysis as bjm_ suggested? VirusTotal will scan executable files with ~ 65 common antivirus engines like Bitdefender, McAfee, Kaspersky, Symantec/Norton, etc. A detection rate of 5 / 65, for example, would mean that 5 of the 65 antivirus scanners rate the file as suspicious / malicious, while 60 of 65 rate the file as safe.
VirusTotal only checks to see if the SHA256 hash (digital fingerprint) of the file is rated as safe or unsafe by the scan engine [i.e., this is file-based scanning and does not include the additional heuristic (behaviour-based) scanning that Norton's SONAR real-time protection provides] but VirusTotal still provides a good second opinion about the safety of an executable file.
I would also suggest running a Threat Scan with Malwarebytes Free to see if it detects any higher-risk malware or lower-risk PUPs (a potentially unwanted program like a browser toolbar, adware, 3rd-party utility using obtrusive or deceptive advertising, etc. - see the PUP criteria <here>) on your system that might have been missed by a Norton Full System scan. Malwarebytes often flags registry cleaners and system optimizers like System Mechanic as a PUP, so before you run your first Threat Scan you might want to change the settings at Settings | Protection | Potential Threat Protection for lower-risk PUPs / PUMs from the default Always Detect to Warn User (see image below) so you're prompted to review any lower-risk threats before they are removed just in case you want to keep them.
Be sure you disable the 14-day trial version of the Premium real-time protection features of Malwarebytes at Settings | Account Details | Deactivate Premium Trial after installation (https://support.malwarebytes.com/docs/DOC-1033) as bjm_ suggested so it doesn't interfere with Norton's real-time protection.
------------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton v22.15.2.22 * Malwarebytes Free v3.5.1
I came to this forum hoping to get a direct answer to my question What I would like to know is Activebridge a virus or trojan? If so, how do I get rid of it?
What I wasn't expecting or looking for was comments on the disadvantages of System Mechanic.
Obviously this isn't the place to pose my question.
I'm not familiar with iolo products.
I'm not familiar with your device setup.
I'm not a malware expert.
From this distance. I'm reluctant to give a direct answer to your question.
I'm inclined to respond to the best of my ability with the best of intentions.
I just ran System Mechanic Pro; told it to fix everything last night. Tried to start it again today. Now Windows (10) won't Start. Just an endless circle of tiny white circles.
[...]
System Mechanic Pro, and all such programs, are *all* snake oil. Cleaning of the registry isn't needed and is dangerous. Leave the registry alone and don't use any registry cleaner. Despite what many people think, and what vendors of registry cleaning software try to convince you of, having unused registry entries doesn't really hurt you.
The risk of a serious problem caused by a registry cleaner erroneously removing an entry you need is far greater than any potential benefit it may have.
I did read the 'file.net' article of Google and that's what prompted to ask my question. The file is probably harmless and is probably just associated with System Mechanic, it's just annoying to have to use 'task manager' to delete the popup. Norton scan doesn't pick anything up for activebridge.
Um, does this resemble your System Mechanic 19.0.1.31
