home

AgentAntidote.exe

Agent Antidote

Druide informatique inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘AgentAntidote64’. This is installed with Antidote 9.
Publisher:
Druide informatique inc.  (signed and verified)

Product:
Agent Antidote

Description:
AgentAntidote

Version:
Antidote 9

MD5:
20921bebc02129be22ad533e4b9ec5ab

SHA-1:
28688167ad5c8f2f48dc5ac8f1335238d007689e

SHA-256:
1ca5a0a97c590530d0b93719498b22a7cfc50746c7117f4b096af56176ccbd80

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2025 3:07:58 PM UTC  (today)

File size:
1.7 MB (1,782,640 bytes)

Product version:
Antidote 9

Copyright:
© 1993-2016, Druide informatique inc.

Original file name:
AgentAntidote.exe

File type:
Executable application (Win64 EXE)

Language:
French (France)

Common path:
C:\Program Files\druide\antidote 9\application\bin64\agentantidote.exe

Digital Signature
Signed by:
Druide informatique inc.

Authority:
Symantec Corporation

Valid from:
12/14/2015 1:00:00 AM

Valid to:
9/16/2016 1:59:59 AM

Subject:
CN=Druide informatique inc., O=Druide informatique inc., L=Montreal, S=Quebec, C=CA

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
6810D281947F1C566EB92A8AEB49B7B8

File PE Metadata
Compilation timestamp:
9/9/2016 10:59:10 PM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:o39cuLTaXehI9y3AsVQ5zSKIVbgvYuE1nltjbJoF9tN1opTAd1x6MijQdLr2bKLP:otcGc/5ebbMEfxbAtIk/4ju2PpzQ

Entry address:
0x670B4

Entry point:
48, 83, EC, 28, E8, 43, 08, 00, 00, 48, 83, C4, 28, E9, F2, FD, FF, FF, CC, CC, 40, 53, 48, 83, EC, 20, 48, 83, 3D, A2, E4, 0D, 00, 00, 75, 36, BA, 08, 00, 00, 00, 8D, 4A, 18, FF, 15, CA, A3, 00, 00, 48, 8B, C8, 48, 8B, D8, FF, 15, FE, 9F, 00, 00, 48, 89, 05, 7F, E4, 0D, 00, 48, 89, 05, 70, E4, 0D, 00, 48, 85, DB, 75, 05, 8D, 43, 18, EB, 06, 48, 83, 23, 00, 33, C0, 48, 83, C4, 20, 5B, C3, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 48, 8B, 0D, 50, E4, 0D, 00, FF, 15, F2, 9F, 00, 00, 48, 89, 44, 24, 38, 48...
 
[+]

Code size:
445.5 KB (456,192 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
AgentAntidote64

Command:
"C:\Program Files\druide\antidote 9\application\bin64\agentantidote.exe" \lancementsession


The file AgentAntidote.exe has been discovered within the following program.

Antidote 9  by Druide informatique inc.
druide.com
About 1% of users remove it
 
Powered by Should I Remove It?

Scan AgentAntidote.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.