picasa3.exe

Picasa

Google Inc.

It runs as a scheduled task under the Windows Task Scheduler. This is installed with multiple programs including Picasa and Picasa 3. The file has been seen being downloaded from us-mg6.mail.yahoo.com.
Publisher:
Google Inc.  (signed and verified)

Product:
Picasa

Version:
3.9.136.20

MD5:
31ba44fe30809e6f11738743325de4c4

SHA-1:
7250edaf0fa40651174923be517ab22ebbbf4459

SHA-256:
aa4818008da7c6a393b9c2a03abc3629280bd62f5c687cdee65dbc746c02f98a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 5:23:55 AM UTC  (today)

File size:
9.5 MB (9,967,944 bytes)

Product version:
3.9.0

Copyright:
© 2003-2011 Google Inc.

Original file name:
Picasa.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\google\picasa3\picasa3.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/20/2011 7:00:00 PM

Valid to:
6/20/2013 6:59:59 PM

Subject:
CN=Google Inc., OU=Digital ID Class 3 - Java Object Signing, OU=Digital ID Class 3 - Java Object Signing, O=Google Inc., L=Mountain View, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0D33F28709E263DE83AFFD883E39B912

File PE Metadata
Compilation timestamp:
4/2/2013 9:27:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
196608:EPtBt6j99+NNGvOAB4sh04jg44l7jMSetsKZk1rEIgkOCQzcWQbVpIkaW8nfQzzt:EPzt6j99+NgvOABNh04jg44l7jMSetsL

Entry address:
0x7C6736

Entry point:
E8, FB, 17, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, B8, AE, D1, 00, 89, 0D, B4, AE, D1, 00, 89, 15, B0, AE, D1, 00, 89, 1D, AC, AE, D1, 00, 89, 35, A8, AE, D1, 00, 89, 3D, A4, AE, D1, 00, 66, 8C, 15, D0, AE, D1, 00, 66, 8C, 0D, C4, AE, D1, 00, 66, 8C, 1D, A0, AE, D1, 00, 66, 8C, 05, 9C, AE, D1, 00, 66, 8C, 25, 98, AE, D1, 00, 66, 8C, 2D, 94, AE, D1, 00, 9C, 8F, 05, C8, AE, D1, 00, 8B, 45, 00, A3, BC, AE, D1, 00, 8B, 45, 04, A3, C0, AE, D1, 00, 8D, 45, 08, A3, CC, AE, D1, 00, 8B...
 
[+]

Entropy:
6.5982

Code size:
8.1 MB (8,478,720 bytes)

Autoplay Handler
Display name:
Picasa2ImportPicturesOnArrival


Scheduled Task
Task name:
{4018F366-6AC2-4426-9557-DE01AFEF0A61}

Trigger:
Registration (Runs on registration)


The file picasa3.exe has been discovered within the following programs.

Picasa  by Google Inc
10% remove it
Picasa 2  by Google Inc
Picasa is an image organizer and image viewer for organizing and editing digital photos, plus an integrated photo-sharing website. Picasa is 3 supports Windows XP, Windows Vista and Windows 7, and has Google+ integration for users of that service. Version 3.
www.picasa.com/support
6% remove it
Picasa 3  by Google Inc
Publisher's description - “Picasa can transfer, find, organize, edit, print, and share images, all with this easy-to-use product. Watch Picasa automatically organize all your pictures into elegant albums by date. Having all your photos in one place means no more time wasted searching for folders or files.”
www.picasa.com
6% remove it
 
Powered by Should I Remove It?

The file picasa3.exe has been seen being distributed by the following URL.