setup.exe

Picasa Updater

Google Inc

This is a setup and installation application. The file has been seen being downloaded from r3---sn-8ph2xajvh-bvwe.gvt1.com and multiple other hosts.
Publisher:
Google Inc.  (signed by Google Inc)

Product:
Picasa Updater

Description:
Picasa

Version:
3.9.137.1410

MD5:
2294324cc84ba6d4ce08355580723189

SHA-1:
079a3c9efdaa737e75134b01c9f3d0397d7d0f0f

SHA-256:
5537adcc9afc6ac96fa6b5866debab705c30e4e8a46e9cf5f831d594c134a6e0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
12/6/2016 5:10:09 PM UTC

File size:
16.5 MB (17,312,072 bytes)

Product version:
3.9.0

Copyright:
© 2004-2011 Google Inc.

Original file name:
Picasa Updater

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\google\picasa2\update\lifescapeupdater\setup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/29/2014 1:00:00 AM

Valid to:
1/30/2016 12:59:59 AM

Subject:
CN=Google Inc, OU=Digital ID Class 3 - Java Object Signing, OU=Digital ID Class 3 - Java Object Signing, O=Google Inc, L=Mountain View, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2912C70C9A2B8A3EF6F6074662D68B8D

File PE Metadata
Compilation timestamp:
6/6/2014 12:31:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
393216:J91ShmSwbFMqi6NZt9huAeH0B/ghE0lbNpe3OyEKkByo3pX:J/S0kqi699hutg/0E0lbkzETX

Entry address:
0x69A7

Entry point:
E8, 2B, 4B, 00, 00, E9, 16, FE, FF, FF, 8B, 44, 24, 04, 33, C9, 3B, 04, CD, 70, 80, 41, 00, 74, 12, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0C, 6A, 0D, 58, C3, 8B, 04, CD, 74, 80, 41, 00, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, C3, E8, 4E, 21, 00, 00, 85, C0, 75, 06, B8, D8, 81, 41, 00, C3, 83, C0, 08, C3, E8, 3B, 21, 00, 00, 85, C0, 75, 06, B8, DC, 81, 41, 00, C3, 83, C0, 0C, C3, 56, E8, E7, FF, FF, FF, 8B, 4C, 24, 08, 51, 89, 08, E8, 8D, FF, FF, FF, 59, 8B, F0...

Code size:
72 KB (73,728 bytes)

The file setup.exe has been discovered within the following program.

360Amigo is a registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search-based advertising and results. During installation, the user is in some cases presented with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it

The file setup.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 763 download URLs