Host name

IP Adress
Subnet mask
Gateway
Dns server
permissions on registry objects
password-protected screen saver
Domain name
Modify Security Policies
Account Policies
Enforce Password History Enabled:
Maximum Password Age Enabled :
Maximum Password Age Enabled :
Minimum Password Age Enabled:
Passwords Must Meet Complexity Requirements
Store Password Using Reversible Encryption:
Account Lockout Policies
Account Lockout Threshold:
Account Lockout Duration:
Reset Account Lockout Counter After
Local Policies
Audit Policy
Audit account logon events
Audit account management
Audit directory service access
Audit logon events
Audit object access
Audit policy change
Audit privilege use
Audit process tracking
Audit system events
User Rights Assignment
Policy
Access this computer from the network
Act as part of the operating system
Add workstations to domain
Adjust memory quotas for a process
Allow logon through Terminal Services
Back up files and directories
Bypass traverse checking
Change the system time
Create a pagefile
Create a token object
Create global objects
Create permanent shared objects
Debug programs
Deny access to this computer from the network
Deny logon as a batch job
Deny logon as a service
Deny logon locally
Deny logon through Terminal Services
Enable computer and user accounts to be trusted for delegation
Force shutdown from a remote system
Generate security audits
Impersonate a client after authentication
Increase scheduling priority
Load and unload device drivers
Lock pages in memory
Log on as a batch job
Log on as a service
Log on locally
Manage auditing and security log
Modify firmware environment values
Perform volume maintenance tasks
Profile single process
Profile system performance
Remove computer from docking station
Replace a process level token
Restore files and directories
Shut down the system
Synchronize directory service data
Take ownership of files or other objects
Security Options
Accounts: Administrator account status
Accounts: Guest account status
Accounts: Limit local account use of blank passwords to console logon only
Accounts: Rename administrator account
Accounts: Rename guest account
Audit: Audit the access of global system objects
Audit: Audit the use of Backup and Restore privilege
Audit: Shut down system immediately if unable to log security audits
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax
Devices: Allow undock without having to log on
Devices: Allowed to format and eject removable media
Devices: Prevent users from installing printer drivers
Devices: Restrict CD-ROM access to locally logged-on user only
Devices: Restrict floppy access to locally logged-on user only
Devices: Unsigned driver installation behavior
Domain controller: Allow server operators to schedule tasks
Domain controller: LDAP server signing requirements
Domain controller: Refuse machine account password changes
Domain member: Digitally encrypt or sign secure channel data (always)
Domain member: Digitally encrypt secure channel data (when possible)
Domain member: Digitally sign secure channel data (when possible)
Domain member: Disable machine account password changes
Domain member: Maximum machine account password age
Domain member: Require strong (Windows 2000 or later) session key
Interactive logon: Display user information when the session is locked
Interactive logon: Do not display last user name
Interactive logon: Do not require CTRL+ALT+DEL
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available)
Interactive logon: Prompt user to change password before expiration
Interactive logon: Require Domain Controller authentication to unlock workstation
Interactive logon: Require smart card
Interactive logon: Smart card removal behavior
Microsoft network client: Digitally sign communications (always)
Microsoft network client: Digitally sign communications (if server agrees)
Microsoft network client: Send unencrypted password to third-party SMB servers
Microsoft network server: Amount of idle time required before suspending session
Microsoft network server: Digitally sign communications (always)
Microsoft network server: Digitally sign communications (if client agrees)
Microsoft network server: Disconnect clients when logon hours expire
Network access: Allow anonymous SID/Name translation
Network access: Do not allow anonymous enumeration of SAM accounts
Network access: Do not allow anonymous enumeration of SAM accounts and shares
Network access: Do not allow storage of credentials or .NET Passports for network authentication
Network access: Let Everyone permissions apply to anonymous users
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths
Network access: Shares that can be accessed anonymously
Network access: Sharing and security model for local accounts
Network security: Do not store LAN Manager hash value on next password change
Network security: Force logoff when logon hours expire
Network security: LAN Manager authentication level
Network security: LDAP client signing requirements
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers
Recovery console: Allow automatic administrative logon
Recovery console: Allow floppy copy and access to all drives and all folders
Shutdown: Allow system to be shut down without having to log on
Shutdown: Clear virtual memory pagefile
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing
System objects: Default owner for objects created by members of the Administrators group
System objects: Require case insensitivity for non-Windows subsystems
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)
SERVICES
.NET Runtime Optimization Service v2.0.50727_X86
Alerter
Application Layer Gateway Service
Application Management
ASP.NET State Service
Automatic Updates
Background Intelligent Transfer Service
ClipBook
COM+ Event System
COM+ System Application
Computer Browser
Cryptographic Services
DCOM Server Process Launcher
DHCP Client
Distributed Link Tracking Client
Distributed Transaction Coordinator
DNS Client
Error Reporting Service
ESET HTTP Server
ESET Service
Event Log
Extensible Authentication Protocol Service
Fast User Switching Compatibility
Health Key and Certificate Management Service
Help and Support
HTTP SSL
Human Interface Device Access
IMAPI CD-Burning COM Service
Indexing Service
IPSEC Services
Logical Disk Manager
Logical Disk Manager Administrative Service
Messenger
Microsoft Office Diagnostics Service
Microsoft Office Groove Audit Service
MS Software Shadow Copy Provider
Net Logon
NetMeeting Remote Desktop Sharing
Network Access Protection Agent
Network Connections
Network DDE
Network DDE DSDM
Network Location Awareness (NLA)
Network Provisioning Service
NT LM Security Support Provider
Office Source Engine
Performance Logs and Alerts
Plug and Play
Portable Media Serial Number Service
Print Spooler
Protected Storage
QoS RSVP
Remote Access Auto Connection Manager
Remote Access Connection Manager
Remote Desktop Help Session Manager
Remote Procedure Call (RPC)
Remote Procedure Call (RPC) Locator
Remote Registry
Removable Storage
Routing and Remote Access
Secondary Logon
Security Accounts Manager
Security Center
Server
Shell Hardware Detection
Smart Card
SSDP Discovery Service
System Event Notification
System Restore Service
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Telnet
Terminal Services
Themes
Uninterruptible Power Supply
Universal Plug and Play Device Host
Volume Shadow Copy
WebClient
Windows Audio
Windows Firewall/Internet Connection Sharing (ICS)
Windows Image Acquisition (WIA)
Windows Installer
Windows Management Instrumentation
Windows Management Instrumentation Driver Extensions
Windows Search
Windows Time
Wired AutoConfig
Wireless Zero Configuration
WMI Performance Adapter
Workstation
Status Description

Start -> Programs -> Administrative Tools -> LocalSecurity Setting

secpol.msc
console logon only

curity audits
or Definition Language (SDDL) syntax
or Definition Language (SDDL) syntax
el data (always)
when possible)
en possible)

) session key
sion is locked

n case domain controller is not available)

e expiration
ion to unlock workstation

if server agrees)
third-party SMB servers
efore suspending session

(if client agrees)

hours expire

f SAM accounts
f SAM accounts and shares
NET Passports for network authentication
ymous users

on next password change

P based (including secure RPC) clients

P based (including secure RPC) servers

ves and all folders

to log on
encryption, hashing, and signing
mbers of the Administrators group
ws subsystems
al system objects (e.g. Symbolic Links)
Services.msc
Microsoft .NET Framework NGEN
Notifies selected users and computers of administrative alerts. If th
Provides support for 3rd party protocol plug-ins for Internet Connec
Provides software installation services such as Assign, Publish, and
Provides support for out-of-process session states for ASP.NET. If th
Enables the download and installation of Windows updates. If this s
Transfers data between clients and servers in the background. If BI
Enables ClipBook Viewer to store information and share it with rem
Supports System Event Notification Service (SENS), which provides
Manages the configuration and tracking of Component Object Mode
Maintains an updated list of computers on the network and supplie
Provides three management services: Catalog Database Service, w
Provides launch functionality for DCOM services.
Manages network configuration by registering and updating IP add
Maintains links between NTFS files within a computer or across com
Coordinates transactions that span multiple resource managers, su
Resolves and caches Domain Name System (DNS) names for this c
Allows error reporting for services and applictions running in non-st
ESET HTTP Server
ESET Service
Enables event log messages issued by Windows-based programs a
Provides windows clients Extensible Authentication Protocol Service
Provides management for applications that require assistance in a
Manages health certificates and keys (used by NAP)
Enables Help and Support Center to run on this computer. If this se
This service implements the secure hypertext transfer protocol (HT
Enables generic input access to Human Interface Devices (HID), wh
Manages CD recording using Image Mastering Applications Program
Indexes contents and properties of files on local and remote compu
Manages IP security policy and starts the ISAKMP/Oakley (IKE) and
Detects and monitors new hard disk drives and sends disk volume
Configures hard disk drives and volumes. The service only runs for
Transmits net send and Alerter service messages between clients a
Run portions of Microsoft Office Diagnostics.

Manages software-based volume shadow copies taken by the Volum

Supports pass-through authentication of account logon events for c
Enables an authorized user to access this computer remotely by us
Allows windows clients to participate in Network Access Protection
Manages objects in the Network and Dial-Up Connections folder, in
Provides network transport and security for Dynamic Data Exchang
Manages Dynamic Data Exchange (DDE) network shares. If this ser
Collects and stores network configuration and location information,
Manages XML configuration files on a domain basis for automatic n
Provides security to remote procedure call (RPC) programs that use
Saves installation files used for updates and repairs and is required
Collects performance data from local or remote computers based o
Enables a computer to recognize and adapt to hardware changes w
Retrieves the serial number of any portable media player connecte
Loads files to memory for later printing.
Provides protected storage for sensitive data, such as private keys,
Provides network signaling and local traffic control setup functiona
Creates a connection to a remote network whenever a program ref
Creates a network connection.
Manages and controls Remote Assistance. If this service is stopped
Provides the endpoint mapper and other miscellaneous RPC service
Manages the RPC name service database.
Enables remote users to modify registry settings on this computer.

Offers routing services to businesses in local area and wide area ne

Enables starting processes under alternate credentials. If this servi
Stores security information for local user accounts.
Monitors system security settings and configurations.
Supports file, print, and named-pipe sharing over the network for th
Provides notifications for AutoPlay hardware events.
Manages access to smart cards read by this computer. If this servic
Enables discovery of UPnP devices on your home network.
Tracks system events such as Windows logon, network, and power
Performs system restore functions. To stop service, turn off System
Enables a user to configure and schedule automated tasks on this c
Enables support for NetBIOS over TCP/IP (NetBT) service and NetBI
Provides Telephony API (TAPI) support for programs that control tel
Enables a remote user to log on to this computer and run programs
Allows multiple users to be connected interactively to a machine as
Provides user experience theme management.
Manages an uninterruptible power supply (UPS) connected to the c
Provides support to host Universal Plug and Play devices.
Manages and implements Volume Shadow Copies used for backup
Enables Windows-based programs to create, access, and modify In
Manages audio devices for Windows-based programs. If this service
Provides network address translation, addressing, name resolution
Provides image acquisition services for scanners and cameras.
Adds, modifies, and removes applications provided as a Windows In
Provides a common interface and object model to access managem
Provides systems management information to and from drivers.
Provides content indexing and property caching for file, email and
Maintains date and time synchronization on all clients and servers
This service performs IEEE 802.1X authentication on Ethernet inter
Provides automatic configuration for the 802.11 adapters
Provides performance library information from WMI HiPerf provider
Creates and maintains client network connections to remote server
LocalSecurity Settings
ministrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this
ns for Internet Connection Sharing and the Windows Firewall.
as Assign, Publish, and Remove.
tates for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disab
dows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or
n the background. If BITS is disabled, features such as Windows Update will not work correctly.
and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share inform
SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) compone
omponent Object Model (COM)+-based components. If the service is stopped, most COM+-based components w
e network and supplies this list to computers designated as browsers. If this service is stopped, this list will not
g Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and re

g and updating IP addresses and DNS names.

omputer or across computers in a network domain.
resource managers, such as databases, message queues, and file systems. If this service is stopped, these tran
DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names a
tions running in non-standard environments.

ows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
cation Protocol Service
equire assistance in a multiple user environment.

his computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, a
t transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled
face Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote cont
g Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record C
cal and remote computers; provides rapid access to files through flexible querying language.
KMP/Oakley (IKE) and the IP security driver.
nd sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this servic
e service only runs for configuration processes and then stops.
ages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, A

pies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copie
ount logon events for computers in a domain.
mputer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop shari
ork Access Protection
 Connections folder, in which you can view both local area network and remote connections.
Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers. If this se
work shares. If this service is stopped, DDE network shares will be unavailable. If this service is disabled, any se
d location information, and notifies applications when this information changes.
n basis for automatic network provisioning.
RPC) programs that use transports other than named pipes.
repairs and is required for the downloading of Setup updates and Watson error reports.
ote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If
o hardware changes with little or no user input. Stopping or disabling this service will result in system instabilit
media player connected to this computer. If this service is stopped, protected content might not be down loaded

, such as private keys, to prevent access by unauthorized services, processes, or users.

ontrol setup functionality for QoS-aware programs and control applets.
henever a program references a remote DNS or NetBIOS name or address.

this service is stopped, Remote Assistance will be unavailable. Before stopping this service, see the Dependenc
cellaneous RPC services.

ngs on this computer. If this service is stopped, the registry can be modified only by users on this computer. If

area and wide area network environments.

redentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any

over the network for this computer. If this service is stopped, these functions will be unavailable. If this service

computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled,
ome network.
n, network, and power events. Notifies COM+ Event System subscribers of these events.
ervice, turn off System Restore from the System Restore tab in My Computer->Properties
tomated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. I
tBT) service and NetBIOS name resolution.
ograms that control telephony devices and IP based voice connections on the local computer and, through the L
uter and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based co
ctively to a machine as well as the display of desktops and applications to remote computers. The underpinning

PS) connected to the computer.

Play devices.
opies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backu
access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this se
rograms. If this service is stopped, audio devices and effects will not function properly. If this service is disabled
sing, name resolution and/or intrusion prevention services for a home or small office network.
ners and cameras.
ovided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on
del to access management information about operating system, devices, applications and services. If this servic
 o and from drivers.
ing for file, email and other content (via extensibility APIs). The service responds to file and email notifications
all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailabl
ation on Ethernet interfaces
.11 adapters
m WMI HiPerf providers.
ctions to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabl
t receive them. If this service is disabled, any services that explicitly depend on it will fail to start.

If this service is disabled, any services that explicitly depend on it will fail to start.
ic Updates feature or the Windows Update Web site.

able to share information with remote computers. If this service is disabled, any services that explicitly depend
Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and log
based components will not function properly. If this service is disabled, any services that explicitly depend on it
ped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on
e, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service

s stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it w
resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that e

e stopped.

service is disabled, any services that explicitly depend on it will fail to start.
his service is disabled, any services that explicitly depend on it will fail to start.
yboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by thi
be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.

guration. If this service is stopped, dynamic disk status and configuration information may become out of date.

service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explic

olume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it w

remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it w
 computers. If this service is stopped, DDE transport and security will be unavailable. If this service is disabled,
ce is disabled, any services that explicitly depend on it will fail to start.

or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disa
lt in system instability.
ht not be down loaded to the device.

, see the Dependencies tab of the Properties dialog box.

on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.

rvice is disabled, any services that explicitly depend on it will fail to start.

ilable. If this service is disabled, any services that explicitly depend on it will fail to start.

s service is disabled, any services that explicitly depend on it will fail to start.

eir scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.

er and, through the LAN, on servers that are also running the service.
nd Windows-based computers. If this service is stopped, remote user access to programs might be unavailable.
ers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assista

unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend o
be available. If this service is disabled, any services that explicitly depend on it will fail to start.
his service is disabled, any services that explicitly depend on it will fail to start.

explicitly depend on it will fail to start.

services. If this service is stopped, most Windows-based software will not function properly. If this service is disa
d email notifications to index modified content. If the service is stopped or disabled, the Explorer will not be ab
ion will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

this service is disabled, any services that explicitly depend on it will fail to start.
hat explicitly depend on it will fail to start.
rovide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail
xplicitly depend on it will fail to start.
t explicitly depend on it will fail to start.
uter; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these manage

plicitly depend on it will fail to start.

d, any services that explicitly depend on it will fail to start.

ons controlled by this service will no longer function. If this service is disabled, any services that explicitly depe
t will fail to start.

become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.

y services that explicitly depend on it will fail to start.

licitly depend on it will fail to start.

plicitly depend on it will fail to start.

s service is disabled, any services that explicitly depend on it will fail to start.

. If this service is disabled, any services that explicitly depend on it will fail to start.

ail to start.

fail to start.

might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
hing, Remote Assistance, and Terminal Server.

at explicitly depend on it will fail to start.

. If this service is disabled, any services that explicitly depend on it will fail to start.
xplorer will not be able to display virtual folder views of items, and search in the Explorer will fall back to item-b
will fail to start.
depend on it will fail to start.

opped, these management services will not function properly. If this service is disabled, any services that explic

s that explicitly depend on it will fail to start.

fail to start.
l fail to start.
will fall back to item-by-item slow search.
y services that explicitly depend on it will fail to start.