Should I block it?

22%
22% of PCs block this file from running.

VersionsAdditional versions

d41d8 99.19%
17739 0.81%
(Note, the developer publishes each variation of this file with the same version, but the hashes are unique.)

picasa3.exe

Remove picasa3.exe
MD5:   d41d8cd98f00b204e9800998ecf8427e
SHA1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256:   e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Overview

picasa3.exe runs as a service under the name Websteroids within the local user context. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). It is installed in Internet Explorer as a Browser Helper Object (BHO) which has full acess to the web browser's behaviors and content. It is marked as a Safe for Scripting ActiveX control for IE which allows it to execute scripts within the web browser. It configures an autoplay handler withing explorer.exe named Picasa2ImportPicturesOnArrival that will launch the program automatically.

DetailsDetails

File name:picasa3.exe
Typical file path:C:\Program Files\google\picasa3\picasa3.exe
Digital DNA
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Autoplay handlers
Runs under the registry key 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers'
  • Handler name 'Picasa2ImportPicturesOnArrival'
Scheduled tasks
  • The job 'Adobe Flash Player Updater' runs daily in the path '\Adobe Flash Player Updater'
  • Entry path '\{CAD0A645-A3DB-42A5-8182-E086A7C10289}'
  • Entry path '\{8BB6D8DD-9790-48F6-8969-B3B962A5F2B8}'
  • Entry path '\{5C4C7580-D574-4DC0-9C84-E7CA9E749F81}'
  • Entry path '\{2AB35ACC-8046-445E-90BB-E753F69228E9}'
  • Entry path '\AppleSoftwareUpdate'
Safe for scripting controls
Marked as a safe ActiveX control for Internet Explorer (digitally signed with script execution permission)
  • Implemented as 'CLSID\{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{D9BB4CEE-B87A-47F1-AC92-B08D9C7813FC}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C5702CD0-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C5702CCF-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C5702CCE-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C5702CCD-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C5702CCC-9B79-11D3-B654-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C531D9FD-9685-4028-8B68-6E1232079F1E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{C45268A2-FA81-4E19-B1E3-72EDBD60AEDA}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{BB530C63-D9DF-4B49-9439-63453962E598}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{B64016F3-C9A2-4066-96F0-BD9563314726}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{B0EDF163-910A-11D2-B632-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{ADB880A6-D8FF-11CF-9377-00AA003B7A11}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{AD8E510D-217F-409B-8076-29C5E73B98E8}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{A2E30750-6C3D-11D3-B653-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{A2E3074E-6C3D-11D3-B653-00C04F79498E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{9CD64701-BDF3-4D14-8E03-F12983D86664}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
  • Implemented as 'CLSID\{92ED88BF-879E-448f-B6B6-A385BCEB846D}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
Safe for initializing controls
  • {ADB880A6-D8FF-11CF-9377-00AA003B7A11}
  • {52A2AAAE-085D-4187-97EA-8C30DB990436}
  • {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8}
  • {F08DF954-8592-11D1-B16A-00C0F0283628}
  • {DD9DA666-8594-11D1-B16A-00C0F0283628}
  • {C74190B6-8589-11D1-B16A-00C0F0283628}
  • {C1A8AF25-1257-101B-8FB0-0020AF039CA3}
  • {BDD1F04B-858B-11D1-B16A-00C0F0283628}
  • {8E3867A3-8586-11D1-B16A-00C0F0283628}
  • {66833FE6-8583-11D1-B16A-00C0F0283628}
  • {35053A22-8589-11D1-B16A-00C0F0283628}
  • {2C247F23-8591-11D1-B16A-00C0F0283628}
  • {1EFB6596-857C-11D1-B16A-00C0F0283628}
Automation objects
  • CLSID: {B0EDF163-910A-11D2-B632-00C04F79498E}, registry path: 'CLSID\{B0EDF163-910A-11D2-B632-00C04F79498E}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {F08DF954-8592-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {DD9DA666-8594-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {C74190B6-8589-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {C1A8AF25-1257-101B-8FB0-0020AF039CA3}, registry path: 'CLSID\{C1A8AF25-1257-101B-8FB0-0020AF039CA3}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {BDD1F04B-858B-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {8E3867A3-8586-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {66833FE6-8583-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {35053A22-8589-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {2C247F23-8591-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
  • CLSID: {1EFB6596-857C-11D1-B16A-00C0F0283628}, registry path: 'CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}'
Approved shell extensions
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'
  • 'contact_wab_auto_file' with CLSID {CF67796C-F57F-45F8-92FB-AD698826C602}
  • 'group_wab_auto_file' with CLSID {16C2C29D-0E5F-45f3-A445-03E03F587B7D}
  • '.contact shell extension handler' with CLSID {8082C5E6-4C27-48ec-A809-B8E1122E8F97}
  • '.group shell extension handler' with CLSID {4F58F63F-244B-4c07-B29F-210BE59BE9B4}
  • 'Windows Contact Preview Handler' with CLSID {13D3C4B8-B179-4ebb-BF62-F704173E7448}
  • 'Desktop Shortcut' with CLSID {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}
  • 'Mail Service' with CLSID {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}
  • CLSID: {CB1B7F8C-C50A-4176-B604-9E24DEE8D4D1}
  • CLSID: {62AE1F9A-126A-11D0-A14B-0800361B1103}
Shell open commands
  • InternetShortcut
PROTOCOLS handlers
  • tv
  • dvd
  • vbscript
  • res
  • mailto
  • javascript
  • about
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'help' → C:\users\user\appdata\Roaming\InstallDir\help.exe
Internet Explorer Browser Helper Object
Located in the registry at 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
  • BHO CLSID: {A80431BC-B3CA-EAD4-7106-2B788EB811BD}
Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • Websteroids
Hosted services
Runs as a shared service under the Windows svcHost
  • Shared name is 'ezSharedSvc'

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows Vista Home Basic 54.47%
Windows Vista Business 26.02%
Windows 7 Ultimate 11.38%
Windows 7 Home Premium 2.44%
Windows Vista Home Premium 2.44%
Windows 7 Professional 1.63%
Windows 8 Pro 0.81%
Windows 8 0.81%

Distribution by countryDistribution by country

United States installs about 88.62% of picasa3.exe.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Toshiba 90.79%
Hewlett-Packard 3.29%
Dell 2.63%
ASUS 1.32%
MSI 1.32%
Acer 0.66%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE