Should I block it?
22% of PCs block this file from running.
Additional versions
(Note, the developer publishes each variation of this file with the same version, but the hashes are unique.)
picasa3.exe
MD5: | d41d8cd98f00b204e9800998ecf8427e |
SHA1: | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
SHA256: | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
Overview
picasa3.exe runs as a service under the name Websteroids within the local user context. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. It is marked as a Safe for Scripting ActiveX control for IE which allows it to execute scripts within the web browser. It configures an autoplay handler withing explorer.exe named Picasa2ImportPicturesOnArrival that will launch the program automatically.
Details
File name: | picasa3.exe |
Typical file path: | C:\Program Files\google\picasa3\picasa3.exe |
Digital DNA |
File packed: | No |
.NET CLR: | No |
More details
Behaviors
Autoplay handlers
Runs under the registry key 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers'
- Handler name 'Picasa2ImportPicturesOnArrival'
Scheduled tasks
- The job 'Adobe Flash Player Updater' runs daily in the path '\Adobe Flash Player Updater'
- Entry path '\{CAD0A645-A3DB-42A5-8182-E086A7C10289}'
- Entry path '\{8BB6D8DD-9790-48F6-8969-B3B962A5F2B8}'
- Entry path '\{5C4C7580-D574-4DC0-9C84-E7CA9E749F81}'
- Entry path '\{2AB35ACC-8046-445E-90BB-E753F69228E9}'
- Entry path '\AppleSoftwareUpdate'
Safe for scripting controls
Marked as a safe ActiveX control for Internet Explorer (digitally signed with script execution permission)
- Implemented as 'CLSID\{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{D9BB4CEE-B87A-47F1-AC92-B08D9C7813FC}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{C5702CD0-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{C5702CCF-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{C5702CCE-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{C5702CCD-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{C5702CCC-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{C531D9FD-9685-4028-8B68-6E1232079F1E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{C45268A2-FA81-4E19-B1E3-72EDBD60AEDA}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{BB530C63-D9DF-4B49-9439-63453962E598}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{B64016F3-C9A2-4066-96F0-BD9563314726}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{B0EDF163-910A-11D2-B632-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{AD8E510D-217F-409B-8076-29C5E73B98E8}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{A2E30750-6C3D-11D3-B653-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{A2E3074E-6C3D-11D3-B653-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{9CD64701-BDF3-4D14-8E03-F12983D86664}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
- Implemented as 'CLSID\{92ED88BF-879E-448f-B6B6-A385BCEB846D}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
Safe for initializing controls
- {ADB880A6-D8FF-11CF-9377-00AA003B7A11}
- {52A2AAAE-085D-4187-97EA-8C30DB990436}
- {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8}
- {F08DF954-8592-11D1-B16A-00C0F0283628}
- {DD9DA666-8594-11D1-B16A-00C0F0283628}
- {C74190B6-8589-11D1-B16A-00C0F0283628}
- {C1A8AF25-1257-101B-8FB0-0020AF039CA3}
- {BDD1F04B-858B-11D1-B16A-00C0F0283628}
- {8E3867A3-8586-11D1-B16A-00C0F0283628}
- {66833FE6-8583-11D1-B16A-00C0F0283628}
- {35053A22-8589-11D1-B16A-00C0F0283628}
- {2C247F23-8591-11D1-B16A-00C0F0283628}
- {1EFB6596-857C-11D1-B16A-00C0F0283628}
Automation objects
- CLSID: {B0EDF163-910A-11D2-B632-00C04F79498E}, registry path: 'CLSID\{B0EDF163-910A-11D2-B632-00C04F79498E}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
- CLSID: {F08DF954-8592-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
- CLSID: {DD9DA666-8594-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
- CLSID: {C74190B6-8589-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
- CLSID: {C1A8AF25-1257-101B-8FB0-0020AF039CA3}, registry path: 'CLSID\{C1A8AF25-1257-101B-8FB0-0020AF039CA3}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
- CLSID: {BDD1F04B-858B-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
- CLSID: {8E3867A3-8586-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
- CLSID: {66833FE6-8583-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
- CLSID: {35053A22-8589-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
- CLSID: {2C247F23-8591-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
- CLSID: {1EFB6596-857C-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
Approved shell extensions
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
- 'contact_wab_auto_file' with CLSID {CF67796C-F57F-45F8-92FB-AD698826C602}
- 'group_wab_auto_file' with CLSID {16C2C29D-0E5F-45f3-A445-03E03F587B7D}
- '.contact shell extension handler' with CLSID {8082C5E6-4C27-48ec-A809-B8E1122E8F97}
- '.group shell extension handler' with CLSID {4F58F63F-244B-4c07-B29F-210BE59BE9B4}
- 'Windows Contact Preview Handler' with CLSID {13D3C4B8-B179-4ebb-BF62-F704173E7448}
- 'Desktop Shortcut' with CLSID {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}
- 'Mail Service' with CLSID {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}
- CLSID: {CB1B7F8C-C50A-4176-B604-9E24DEE8D4D1}
- CLSID: {62AE1F9A-126A-11D0-A14B-0800361B1103}
Shell open commands
PROTOCOLS handlers
- tv
- dvd
- vbscript
- res
- mailto
- javascript
- about
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'help' → C:\users\user\appdata\Roaming\InstallDir\help.exe
Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
- BHO CLSID: {A80431BC-B3CA-EAD4-7106-2B788EB811BD}
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
Hosted services
Runs as a shared service under the Windows svcHost
- Shared name is 'ezSharedSvc'
Distribution by Windows OS
OS version | distribution |
Windows Vista Home Basic |
54.47% |
|
Windows Vista Business |
26.02% |
|
Windows 7 Ultimate |
11.38% |
|
Windows 7 Home Premium |
2.44% |
|
Windows Vista Home Premium |
2.44% |
|
Windows 7 Professional |
1.63% |
|
Windows 8 Pro |
0.81% |
|
Windows 8 |
0.81% |
|
Distribution by country
United States installs about 88.62% of picasa3.exe.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Toshiba |
90.79% |
|
Hewlett-Packard |
3.29% |
|
Dell |
2.63% |
|
ASUS |
1.32% |
|
MSI |
1.32% |
|
Acer |
0.66% |
|