VersionsVersions

d41d8 99.19%
17739 0.81%
(Note, the developer publishes each variation of this file with the same version, but the hashes are unique.)

picasa3.exe

Remove picasa3.exe

Overview

There are 2 versions of picasa3.exe in the wild, the latest version being . It is started as a Windows Service called 'Websteroids'. By adding a startup entry to the run registry key, the file will be executed when the user logs into Windows. It is integrated as a plugin to Internet Explorer as a Browser Helper Object, often without any obvious user interface, and will load for each instance of IE. The average file size is about 4.75 MB.

DetailsDetails

File name:picasa3.exe
Typical file path:C:\Program Files\google\picasa3\picasa3.exe
Windows Service
Display name:Websteroids

BehaviorsBehaviors

(Note, the behaviors below are for all versions of picasa3.exe, select a unique version for details.)
Autoplay handlers
Runs under the registry key 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers'
  • Handler name 'Picasa2ImportPicturesOnArrival'
Scheduled tasks
  • The job 'Adobe Flash Player Updater' runs daily in the path '\Adobe Flash Player Updater'
  • Entry path '\{CAD0A645-A3DB-42A5-8182-E086A7C10289}'
  • Entry path '\{8BB6D8DD-9790-48F6-8969-B3B962A5F2B8}'
  • Entry path '\{5C4C7580-D574-4DC0-9C84-E7CA9E749F81}'
  • Entry path '\{2AB35ACC-8046-445E-90BB-E753F69228E9}'
  • Entry path '\AppleSoftwareUpdate'
Safe for scripting controls
Marked as a safe ActiveX control for Internet Explorer (digitally signed with script execution permission)
  • Implemented as 'CLSID\{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{D9BB4CEE-B87A-47F1-AC92-B08D9C7813FC}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C5702CD0-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C5702CCF-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C5702CCE-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C5702CCD-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C5702CCC-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C531D9FD-9685-4028-8B68-6E1232079F1E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C45268A2-FA81-4E19-B1E3-72EDBD60AEDA}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{BB530C63-D9DF-4B49-9439-63453962E598}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{B64016F3-C9A2-4066-96F0-BD9563314726}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{B0EDF163-910A-11D2-B632-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{AD8E510D-217F-409B-8076-29C5E73B98E8}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{A2E30750-6C3D-11D3-B653-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{A2E3074E-6C3D-11D3-B653-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{9CD64701-BDF3-4D14-8E03-F12983D86664}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{92ED88BF-879E-448f-B6B6-A385BCEB846D}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
Safe for initializing controls
  • {ADB880A6-D8FF-11CF-9377-00AA003B7A11}
  • {52A2AAAE-085D-4187-97EA-8C30DB990436}
  • {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8}
  • {F08DF954-8592-11D1-B16A-00C0F0283628}
  • {DD9DA666-8594-11D1-B16A-00C0F0283628}
  • {C74190B6-8589-11D1-B16A-00C0F0283628}
  • {C1A8AF25-1257-101B-8FB0-0020AF039CA3}
  • {BDD1F04B-858B-11D1-B16A-00C0F0283628}
  • {8E3867A3-8586-11D1-B16A-00C0F0283628}
  • {66833FE6-8583-11D1-B16A-00C0F0283628}
  • {35053A22-8589-11D1-B16A-00C0F0283628}
  • {2C247F23-8591-11D1-B16A-00C0F0283628}
  • {1EFB6596-857C-11D1-B16A-00C0F0283628}
Automation objects
  • CLSID: {B0EDF163-910A-11D2-B632-00C04F79498E}, registry path: 'CLSID\{B0EDF163-910A-11D2-B632-00C04F79498E}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {F08DF954-8592-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {DD9DA666-8594-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {C74190B6-8589-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {C1A8AF25-1257-101B-8FB0-0020AF039CA3}, registry path: 'CLSID\{C1A8AF25-1257-101B-8FB0-0020AF039CA3}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {BDD1F04B-858B-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {8E3867A3-8586-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {66833FE6-8583-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {35053A22-8589-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {2C247F23-8591-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {1EFB6596-857C-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
Approved shell extensions
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
  • 'contact_wab_auto_file' with CLSID {CF67796C-F57F-45F8-92FB-AD698826C602}
  • 'group_wab_auto_file' with CLSID {16C2C29D-0E5F-45f3-A445-03E03F587B7D}
  • '.contact shell extension handler' with CLSID {8082C5E6-4C27-48ec-A809-B8E1122E8F97}
  • '.group shell extension handler' with CLSID {4F58F63F-244B-4c07-B29F-210BE59BE9B4}
  • 'Windows Contact Preview Handler' with CLSID {13D3C4B8-B179-4ebb-BF62-F704173E7448}
  • 'Desktop Shortcut' with CLSID {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}
  • 'Mail Service' with CLSID {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}
  • CLSID: {CB1B7F8C-C50A-4176-B604-9E24DEE8D4D1}
  • CLSID: {62AE1F9A-126A-11D0-A14B-0800361B1103}
Shell open commands
  • InternetShortcut
PROTOCOLS handlers
  • tv
  • dvd
  • vbscript
  • res
  • mailto
  • javascript
  • about
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'help' → C:\users\user\appdata\Roaming\InstallDir\help.exe
Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
  • BHO CLSID: {A80431BC-B3CA-EAD4-7106-2B788EB811BD}
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • Websteroids
Hosted services
Runs as a shared service under the Windows svcHost
  • Shared name is 'ezSharedSvc'

VersionsAll file variations of picasa3.exe

MD5SHA-1File size
d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 0 Bytes
177395ed74af1bc27f4002bcd1843e84 de73153ae460e9c34adf1f1355c5152c68c0c7b0 9.51 MB

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows Vista Home Basic 54.47%
Windows Vista Business 26.02%
Windows 7 Ultimate 11.38%
Windows 7 Home Premium 2.44%
Windows Vista Home Premium 2.44%
Windows 7 Professional 1.63%
Windows 8 Pro 0.81%
Windows 8 0.81%

Distribution by countryDistribution by country

United States installs about 88.62% of picasa3.exe.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Toshiba 90.79%
Hewlett-Packard 3.29%
Dell 2.63%
ASUS 1.32%
MSI 1.32%
Acer 0.66%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE