Should I block it?

No, this file is 100% safe to run.

Additional versions

74fff	42.11%
2adf9	5.26%
b1c6c	15.79%
7e41f	5.26%
30091	5.26%
dce71	10.53%
75e85	5.26%
1eba2	5.26%
d0cff	5.26%

(Note, the developer publishes each variation of this file with the same version, but the hashes are unique.)

Relationships

services.exe (Services and Controller app by Microsoft)

PE file structure

Show functions

Import table

advapi32.dll

OpenServiceA, ControlService, QueryServiceStatus, DeleteService, OpenSCManagerA, CreateServiceA, CloseServiceHandle, SetServiceStatus, RegisterServiceCtrlHandlerA, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, StartServiceCtrlDispatcherA

gdi32.dll

Escape, ExtTextOutA, TextOutA, RectVisible, PtVisible, ScaleWindowExtEx, SetWindowExtEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SetViewportOrgEx, SetMapMode, GetStockObject, SelectObject, RestoreDC, GetClipBox, CreateBitmap, SetTextColor, SetBkColor, GetObjectA, GetDeviceCaps, DeleteObject, DeleteDC, SaveDC

kernel32.dll

FreeLibrary, LoadLibraryA, LocalAlloc, TlsAlloc, GlobalFree, GlobalUnlock, GlobalHandle, GlobalLock, GlobalReAlloc, GlobalAlloc, TlsSetValue, LocalReAlloc, TlsGetValue, GetProcessVersion, lstrcmpA, GlobalFlags, GetCPInfo, GetOEMCP, WriteFile, SetFilePointer, FlushFileBuffers, RtlUnwind, RaiseException, GetStartupInfoA, GetCommandLineA, HeapAlloc, HeapFree, ExitThread, HeapSize, HeapReAlloc, TerminateProcess, GetACP, SetUnhandledExceptionFilter, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, HeapDestroy, HeapCreate, VirtualFree, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW, VirtualAlloc, IsBadWritePtr, IsBadReadPtr, IsBadCodePtr, SetStdHandle, GetVersion, lstrcatA, GlobalGetAtomNameA, lstrcmpiA, GlobalAddAtomA, GlobalFindAtomA, GlobalDeleteAtom, lstrcpyA, GetModuleHandleA, GetProcAddress, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, lstrcpynA, SetLastError, CreateEventA, SuspendThread, GetCurrentThreadId, SetThreadPriority, ResumeThread, SetEvent, WaitForSingleObject, MultiByteToWideChar, InterlockedDecrement, InterlockedIncrement, lstrlenA, WideCharToMultiByte, GetModuleFileNameA, CreateMutexA, CreateThread, CreateNamedPipeA, ConnectNamedPipe, ReadFile, FormatMessageA, LocalLock, LocalFree, GetLogicalDrives, DeviceIoControl, Sleep, GetPrivateProfileStringA, ExitProcess, GetLocalTime, WritePrivateProfileStringA, GetLastError, CreateFileA, GetCurrentProcess, CloseHandle, GetEnvironmentVariableA, GetVersionExA

shlwapi.dll

PathFileExistsA

user32.dll

MessageBoxA, GetTopWindow, EnableWindow, CopyRect, GetClientRect, AdjustWindowRectEx, SetFocus, GetSysColor, MapWindowPoints, LoadIconA, SetWindowTextA, IsWindowEnabled, GetSysColorBrush, ReleaseDC, GetDC, GetClassNameA, PtInRect, ClientToScreen, PostQuitMessage, DestroyMenu, TabbedTextOutA, DrawTextA, GrayStringA, GetCapture, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetDlgItem, GetWindowTextA, GetDlgCtrlID, DestroyWindow, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetLastActivePopup, GetForegroundWindow, SetForegroundWindow, GetWindow, GetWindowLongA, SetWindowLongA, SetWindowPos, RegisterWindowMessageA, SystemParametersInfoA, IsIconic, GetWindowPlacement, GetWindowRect, GetSystemMetrics, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetFocus, GetParent, GetNextDlgTabItem, LoadStringA, GetActiveWindow, SendMessageA, GetKeyState, ValidateRect, IsWindowVisible, PeekMessageA, GetCursorPos, SetWindowsHookExA, WinHelpA, FindWindowA, PostMessageA, LoadCursorA, RegisterClassExA, CreateWindowExA, ShowWindow, DefWindowProcA, DispatchMessageA, TranslateMessage, GetMessageA, TranslateAcceleratorA, LoadAcceleratorsA, UpdateWindow, CallNextHookEx

winspool.drv

OpenPrinterA, DocumentPropertiesA, ClosePrinter

chgservice.exe

Remove chgservice.exe

MD5:	2adf9498e3d886f3c53fe3dc1585d456
SHA1:	e20138cb54cbdffba43672ee003a40f96b9c11fb
SHA256:	214a7c0133dcc28ec70af65eba94e70bda2446612b88756a69eac0b4768c9756

Overview

chgservice.exe runs as a service under the name Change Modem Device Service with extensive SYSTEM privileges (full administrator access).

Details

File name:	chgservice.exe
Typical file path:	C:\windows\syswow64\chgservice.exe
Size:	112 KB (114,688 bytes)
Digital DNA
File packed:	No
.NET CLR:	No

More details

Behaviors

Service

Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)

'Change Modem Device Service'

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)

Averages

Memory
Private memory:	704 KB	21.59 MB
Private (maximum):	2.27 MB
Private (minimum):	1.25 MB
Non-paged memory:	704 KB	21.59 MB
Virtual memory:	30.52 MB	140.96 MB
Virtual memory (peak):	32.5 MB	169.69 MB
Working set:	1.25 MB	18.61 MB
Working set (peak):	2.59 MB	37.95 MB
Page faults:	697/min	2,039/min
I/O
I/O other transfer:	0 Bytes/sec	448.09 KB/min
I/O other operations:	1/sec	1,671/min
Resource allocations
Threads:	4	12
Handles:	41	600

Process properties

Integrety level:	System
Platform:	32-bit
Command line:	"C:\ProgramData\chgservice.exe" -service
Owner:	SYSTEM
Windows Service
Service name:	Change Modem Device Service
Type:	Win32OwnProcess, InteractiveProcess
Parent process:	services.exe (Services and Controller app by Microsoft)

Distribution by Windows OS

OS version	distribution
Windows 7 Ultimate	36.84%
Microsoft Windows XP	31.58%
Windows 7 Home Premium	15.79%
Windows 7 Professional	10.53%
Windows 7 Home Basic	5.26%

Distribution by country

India installs about 47.37% of chgservice.exe.

Distribution by PC manufacturer

PC Manufacturer	distribution
Dell	40.00%
American Megatrends	20.00%
Hewlett-Packard	20.00%
Acer	20.00%

Remove Adware and Spyware Programs, FREE Download!