Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

15.0.4623.1000 0.35%
15.0.4623.1000 0.12%
15.0.4615.1000 1.27%
15.0.4615.1000 1.04%
15.0.4615.1000 0.35%
15.0.4551.1011 0.12%
15.0.4551.1004 0.23%
15.0.4551.1004 0.12%
15.0.4551.1004 0.12%
15.0.4535.1508 0.58%
15.0.4535.1006 0.58%
15.0.4535.1006 0.23%
15.0.4535.1004 0.23%
15.0.4517.1509 0.12%
15.0.4517.1509 0.12%
15.0.4517.1003 0.23%
15.0.4505.1510 0.69%
15.0.4505.1002 0.12%
15.0.4505.1002 0.23%
15.0.4505.1002 0.23%
15.0.4481.1508 1.27%
15.0.4481.1508 0.12%
15.0.4481.1003 1.15%
15.0.4454.1511 0.12%
15.0.4420.1017 0.12%
View more

Relationships

Child process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
CryptAcquireContextA, ImpersonateSelf, OpenThreadToken, LookupPrivilegeValueA, AdjustTokenPrivileges, RevertToSelf, CredReadW, RegisterEventSourceA, OpenProcessToken, GetTokenInformation, ConvertSidToStringSidW, OpenSCManagerA, OpenServiceW, QueryServiceConfigW, CloseServiceHandle, RegQueryInfoKeyW, RegEnumKeyW, RegQueryValueW, RegDeleteKeyW, CryptGenRandom, RegQueryValueA, IsTextUnicode, RegEnumValueW, RegSetValueExW, RegEnumKeyExA, RegDeleteKeyA, RegEnumKeyA, GetUserNameA, RegisterEventSourceW, ReportEventW, DeregisterEventSource, RegCreateKeyExW, RegDeleteValueW, AllocateAndInitializeSid, FreeSid, RegOpenKeyExW, RegQueryValueExW, RegEnumKeyExW, CryptAcquireContextW, CryptGetProvParam, CryptReleaseContext, RegQueryInfoKeyA, RegEnumValueA, RegCreateKeyExA, RegSetValueExA, RegDeleteValueA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, StartTraceW, EnableTrace, StopTraceW, CredFree, UnregisterTraceGuids, TraceEvent, RegisterTraceGuidsA, GetTraceLoggerHandle, GetTraceEnableLevel, GetTraceEnableFlags, CryptDestroyHash, CryptGetHashParam, CryptHashData, CryptCreateHash
credui.dll
CredUIConfirmCredentialsW, CredUIPromptForCredentialsW
gdi32.dll
GetBitmapBits, DeleteMetaFile, PlayEnhMetaFile, CreateEnhMetaFileA, CloseEnhMetaFile, DeleteEnhMetaFile, StartDocW, CreateDCW, CreateICW, ExtCreatePen, EndDoc, EndPage, StartPage, StartDocA, GetViewportExtEx, GetWindowExtEx, GetViewportOrgEx, SetMetaFileBitsEx, GetTextMetricsW, GetClipRgn, GetRgnBox, SetMapMode, DPtoLP, GdiFlush, FillRgn, CreateDIBSection, EnumFontFamiliesExA, CreateICA, GetClipBox, EnumFontFamiliesExW, GetTextAlign, Polygon, SetViewportOrgEx, IntersectClipRect, GetPaletteEntries, CreatePatternBrush, CreateDCA, SelectClipRgn, Escape, RectVisible, PtVisible, GetPixel, GetBitmapDimensionEx, SetBitmapDimensionEx, StretchDIBits, GetDIBits, SetDIBits, SetBrushOrgEx, GetObjectType, LPtoDP, GetCurrentObject, PatBlt, GetBkMode, CombineRgn, CreateRectRgnIndirect, CreateRectRgn, GetTextExtentPointA, TextOutA, GetBkColor, SetStretchBltMode, GetDIBColorTable, CreatePalette, CreateCompatibleBitmap, StretchBlt, GetTextExtentPoint32A, SaveDC, RestoreDC, GetTextColor, GetTextFaceW, Polyline, ExtTextOutW, GetTextMetricsA, GetTextExtentPoint32W, SetWindowOrgEx, SetTextAlign, ExcludeClipRect, SetDCPenColor, CreateBrushIndirect, GetStockObject, Rectangle, GetObjectA, DeleteDC, BitBlt, CreateBitmap, CreateCompatibleDC, GetDeviceCaps, CreatePen, MoveToEx, LineTo, GetObjectW, CreateFontIndirectW, SelectPalette, RealizePalette, SetBkMode, EnumMetaFile, GetMetaFileBitsEx, CloseMetaFile, CreateMetaFileA, SetLayout, RoundRect, GetTextExtentPointW, GetTextExtentExPointW, GetWindowOrgEx, RectInRegion, CreateRoundRectRgn, FrameRgn, CreateHatchBrush, CreateDIBitmap, CopyMetaFileA, TextOutW, SetPolyFillMode, SetROP2, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, SetAbortProc, ScaleWindowExtEx, GetCurrentPositionEx, PlayMetaFileRecord, PlayMetaFile, GetMapMode, GetNearestColor, GetPolyFillMode, GetROP2, GetStretchBltMode, GetTextFaceA, GetCharWidthA, UnrealizeObject, DeleteObject, SelectObject, ExtTextOutA, SetBkColor, CreateSolidBrush, CreateFontIndirectA, SetTextColor, GetLayout, OffsetRgn, Ellipse
imm32.dll
ImmNotifyIME, ImmReleaseContext, ImmGetContext
kernel32.dll
DllMain
msvcp90.dll
DllMain
msvcr80.dll
DllMain
msvcr90.dll
DllMain
ole32.dll
ReadClassStm, DoDragDrop, OleGetClipboard, OleDuplicateData, CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard, StringFromIID, CoFileTimeNow, OleCreateDefaultHandler, CLSIDFromString, CreateDataAdviseHolder, CreateOleAdviseHolder, CoRevokeClassObject, CoRegisterClassObject, GetRunningObjectTable, WriteClassStm, ProgIDFromCLSID, OleCreateLink, OleLoad, ReadFmtUserTypeStg, OleConvertOLESTREAMToIStorage, OleConvertIStorageToOLESTREAM, OleMetafilePictFromIconAndLabel, OleRegGetUserType, OleRegEnumVerbs, CreateFileMoniker, BindMoniker, StgIsStorageFile, ReadClassStg, CoGetMalloc, CreateDataCache, IIDFromString, CoAllowSetForegroundWindow, CoGetInterfaceAndReleaseStream, IsAccelerator, CoCreateInstance, GetClassFile, OleSetClipboard, StgOpenStorageOnILockBytes, CoFreeUnusedLibraries, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, RevokeDragDrop, RegisterDragDrop, CoLockObjectExternal, CoCreateGuid, StringFromGUID2, OleInitialize, OleUninitialize, OleRun, PropVariantClear, CLSIDFromProgID, CoDisconnectObject, OleCreateEmbeddingHelper, CreateBindCtx, StringFromCLSID, CoSuspendClassObjects, GetHGlobalFromStream, ReleaseStgMedium, CoInitialize, CoUninitialize, OleSetMenuDescriptor, CoTaskMemRealloc, CreateStreamOnHGlobal, CoTaskMemAlloc, CoTaskMemFree, OleDraw, WriteClassStg, WriteFmtUserTypeStg, CoGetClassObject, CoInitializeEx
user32.dll
DllMain
version.dll
VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW
Export table
_GetAllocCounters@0
CleanupAddressComponents
CleanupAddressComponents@4
CleanupNameComponents
CleanupNameComponents@4
DllCanUnloadNow
DllGetClassObject
dwIsLoggingEnabled
dwIsLoggingEnabled@0
FAllowStoreToSend
FAllowStoreToSend@0
FDisplayBucketedString
FDisplayBucketedString@16
FDisplayCountedBucketedString
FDisplayCountedBucketedString@24
FEnableAMapProgress
FEnableAMapProgress@4
FFolderSupportsUnicode
FFolderSupportsUnicode@4
FIsOutlookBooting
FIsOutlookBooting@0
FIsSpecialFolderName
FIsSpecialFolderName@8
FOutlookIsBooting
FOutlookIsBooting@0
FOutlookIsDeepSyncing
FOutlookIsDeepSyncing@0
FOutlookIsResuming
FOutlookIsResuming@0
FPersonaStatusOn
FPersonaStatusOn@0
FreeWSRetryState
FreeWSRetryState@4
FStoreSupportsUnicode
FStoreSupportsUnicode@4
GetAssociatedMessageForAcct
GetAssociatedMessageForAcct@8
GetAssociatedMessageForFolder
GetAssociatedMessageForFolder@24
GetCentralObject@8
GetCurrentDate@4
GetFBPublishingInterval
GetFBPublishingInterval@12
GetFBPublishingInterval@8
GetMsoInst
GetMsoInst@4
GetOutlookSafeModeState
GetOutlookSafeModeState@0
HrAttachModelessDialogFrame@8
HrClearViewList
HrClearViewList@0
HrCollectSectionFDMTableData
HrCollectSectionFDMTableData@8
HrCreateOsmSyncShareTask
HrCreateOsmSyncShareTask@16
HrDisplayFolderPickerForOutlookToday@0
HrDoOneOffDialog@12
HrEnableFBPublishing
HrEnableFBPublishing@4
HrEnableFBPublishing@8
HrEnsureIMManager
HrEnsureIMManager@4
HrExternalSyncAccount
HrExternalSyncAccount@16
HrFindAContact@4
HrFlushSpamFilterLists
HrFlushSpamFilterLists@4
HrGetAMapProgressObject
HrGetAMapProgressObject@8
HrGetCacheSetupProgressObject
HrGetCacheSetupProgressObject@4
HrGetFileAsString
HrGetFileAsString@24
HrGetGlobalOfflineState
HrGetGlobalOfflineState@4
HrGetOABURL
HrGetOABURL@20
HrGetOABURL@24
HrGetRemoveOnNuke
HrGetRemoveOnNuke@12
HrGetRulesMachineID
HrGetRulesMachineID@12
HrGetSharedBackgroundSession
HrGetSharedBackgroundSession@4
HrGetTCRebuildProgressObject
HrGetTCRebuildProgressObject@8
HrImportRules
HrImportRules@20
HrLaunchFBPublishingDialog
HrLaunchFBPublishingDialog@4
HrMessagesMovedBySpam
HrMessagesMovedBySpam@8
HrMsgDownloadedNotification
HrMsgDownloadedNotification@4
HrNukeSpamMessage
HrNukeSpamMessage@28
HrParseFullAddress
HrParseFullAddress@8
HrParseFullName
HrParseFullName@8
HrPostSubmitProcessing
HrPostSubmitProcessing@4
HrProcessConvActionForSentItem
HrProcessConvActionForSentItem@16
HrRebuildFullAddress
HrRebuildFullAddress@8
HrRebuildFullName
HrRebuildFullName@8
HrRegisterForms
HrRegisterForms@8
HrSendAllPendingMail
HrSendAllPendingMail@0
HrSetOutlookSpecialFolderEntryID
HrShowPubCalWizard
HrShowPubCalWizard@4
HrShowRenFFDialog2
HrShowRenFFDialog2@40
HrWaitForTransports
HrWaitForTransports@0
MAPIMHeapAlloc
MAPIMHeapAlloc@4
MAPIMHeapCreate
MAPIMHeapCreate@16
MAPIMHeapDestroy
MAPIMHeapDestroy@0
MAPIMHeapFree
MAPIMHeapFree@4
MAPIMHeapReAlloc
MAPIMHeapReAlloc@8
MAPIMHeapSize
MAPIMHeapSize@4
OlkFUseUSHeaders
OlkFUseUSHeaders@4
OlkGetCharSet
OlkGetCharSet@0
OlkGetCodepageUI
OlkGetCodepageUI@0
OlkGetResourceHandle
OlkGetResourceHandle@0
OlkGetUIlangID
OlkGetUIlangID@0
OlkLoadPrivateMAPI
OlkLoadPrivateMAPI@4
OutlookSyncEventOccurred
OutlookSyncEventOccurred@4
OutlookSyncEventOccurredEx
OutlookSyncEventOccurredEx@8
PushSavedKeyToCicero
PushSavedKeyToCicero@0
RefreshOutlookETWLoggingState
RefreshOutlookETWLoggingState@0
ReleaseResObjStreams
ReleaseResObjStreams@4
ShowFailedOSRepairDlg
ShowFailedOSRepairDlg@0
ShowOSRepairDlg
ShowOSRepairDlg@0
SmoothScroll
SmoothScroll@4
StdCoCreateInstance@20
UpdateContactTracker
UpdateContactTracker@0
XGetExplorerStoragePath@16

Outlook.exe

Microsoft Office Outlook by Microsoft Corporation (Signed)

Remove Outlook.exe
Version:   15.0.4481.1508
MD5:   b0f0815c488a8caf5f496a28a66aa167
SHA1:   94fd665c9caae11f0ba0cbb098ea837d9a409974
SHA256:   4a76353f0eb5bdb959907424cd0b1f67d8a85b51c2bfa92126a73f31cc59dd42

What is Outlook.exe?

Microsoft Outlook is a personal information manager that can be used as a stand-alone application, or can work with Microsoft Exchange Server and Microsoft SharePoint Server for multiple users in an organization, such as shared mailboxes and calendars, Exchange public folders, SharePoint lists and meeting schedules.

Overview

outlook.exe executes as a process with the local user's privileges. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). It has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. The file is digitally signed by Microsoft Corporation.

DetailsDetails

File name:outlook.exe
Publisher:Microsoft Corporation
Product name:Microsoft Office Outlook
Typical file path:C:\Program Files\microsoft office\office12\outlook.exe
File version:15.0.4481.1508
Size:17.49 MB (18,343,576 bytes)
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Friday, January 11, 2013
Digital DNA
PE subsystem:Windows GUI
File packed:No
Code language:Microsoft Visual C++ 8.0
.NET CLR:No
More details

BehaviorsBehaviors

Shell open commands
  • vcffile
  • msgfile
  • mailto
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Office12\OUTLOOK.EXE'
  • Firewall exception for 'C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE'
  • Firewall exception for 'C:\Programas\Microsoft Office\Office12\OUTLOOK.EXE'
  • Firewall exception for 'C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE'
  • Firewall exception for 'C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE'
  • Firewall exception for 'C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE'
  • Firewall exception for 'C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE'
  • Firewall exception for 'C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE'
Scheduled tasks
  • The task '{D755A752-2736-437A-8856-96F70114AD2C}' runs on registration in the path '\{D755A752-2736-437A-8856-96F70114AD2C}'
  • The task '{4F18088F-79E8-459D-B915-FC54A9DCB3D9}' runs on registration in the path '\{4F18088F-79E8-459D-B915-FC54A9DCB3D9}'
  • Entry path '\{F75C2CB4-A214-429C-B241-7D78CF1DAC07}'
  • Entry path '\{50C269B6-78D9-496E-BF6A-08192DACD341}'
  • Entry path '\{4D2A71B1-1939-4C82-A772-2076D77AB91F}'
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Microsoft Office Outlook' → C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\Office12\OUTLOOK.EXE
Network connections
Access through an approved Windows firewall exception
  • [UDP] listens on port 58638
  • [UDP] listens on port 52938

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00074676%
    0.028634%
    Kernel CPU:0.00052539%
    0.013761%
    User CPU:0.00022136%
    0.014873%
    Kernel CPU time:50,867 ms/min
    100,923,805ms/min
    CPU cycles:6,863,472/sec
    17,470,203/sec
    Context switches:74/sec
    284/sec
    Memory
    Private memory:107.36 MB
    21.59 MB
    Private (maximum):185.17 MB
    Private (minimum):75.19 MB
    Non-paged memory:107.36 MB
    21.59 MB
    Virtual memory:762.6 MB
    140.96 MB
    Virtual memory (peak):874.14 MB
    169.69 MB
    Working set:159.2 MB
    18.61 MB
    Working set (peak):224.79 MB
    37.95 MB
    Page faults:3,419,136/min
    2,039/min
    I/O
    I/O read transfer:579.6 KB/sec
    1.02 MB/min
    I/O read operations:360/sec
    343/min
    I/O write transfer:126.85 KB/sec
    274.99 KB/min
    I/O write operations:147/sec
    227/min
    I/O other transfer:57.2 KB/sec
    448.09 KB/min
    I/O other operations:1,187/sec
    1,671/min
    Resource allocations
    Threads:46
    12
    Handles:4606
    600
    GUI GDI count:778
    103
    GUI GDI peak:831
    142
    GUI USER count:496
    49
    GUI USER peak:594
    71

    BehaviorsProcess properties

    Integrety level:Medium
    Platform:64-bit
    Command line:"C:\Program Files\microsoft office 15\root\office15\outlook.exe"
    Owner:User
    Parent process:explorer.exe (Windows Explorer by Microsoft Corporation)

    ResourcesThreads

    Averages
     
    OUTLOOK.EXE (main module)
    Total CPU:0.03163675%
    0.272967%
    Kernel CPU:0.01196771%
    0.107585%
    User CPU:0.01966904%
    0.165382%
    CPU cycles:1,021,778/sec
    5,741,424/sec
    Context switches:3/sec
    79/sec
    Memory:17.5 MB
    1.16 MB
    wow64.dll
    Total CPU:0.00278268%
    Kernel CPU:0.00180132%
    User CPU:0.00098136%
    CPU cycles:91,689/sec
    Memory:276 KB
    wow64cpu.dll
    Total CPU:0.00153003%
    Kernel CPU:0.00111759%
    User CPU:0.00041244%
    CPU cycles:44,762/sec
    Memory:32 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 22.50%
    Microsoft Windows XP 19.50%
    Windows 7 Ultimate 18.50%
    Windows 8.1 10.50%
    Windows 8.1 Pro 6.00%
    Windows 7 Professional 6.00%
    Windows 8 Pro 5.00%
    Windows 8 4.00%
    Windows 8.1 Single Language 2.00%
    Windows Vista Home Premium 1.50%
    Windows 8 Single Language 1.00%
    Windows 8 Enterprise 1.00%
    Windows 8.1 Pro Preview 1.00%
    Windows 7 Home Basic 1.00%
    Windows 8.1 Enterprise Evaluation 0.50%

    Distribution by countryDistribution by country

    United States installs about 27.41% of Microsoft Office Outlook.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Dell 16.36%
    ASUS 14.13%
    Hewlett-Packard 13.75%
    Lenovo 12.64%
    Toshiba 9.67%
    Compaq 8.18%
    Acer 7.43%
    Sony 4.46%
    Intel 3.72%
    American Megatrends 3.35%
    GIGABYTE 2.97%
    Sahara 1.86%
    Samsung 1.12%
    Alienware 0.37%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE