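At the command line, enter the following commands to protect against EternalBlue and other known or unknown viruses.
No system reboot is required after running them.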
:: windows_sec_by_akka9
:: save as a .bat file and run from an elevated prompt (%%i is batch-file syntax)
:: stop and disable the listed services; /y answers the dependent-services prompt
@set srv=LanmanServer WerSvc RemoteRegistry ShellHWDetection lmhosts SENS COMSysApp EventSystem SSDPSRV Dnscache MSDTC Spooler Themes WpnService lfsvc
@for %%i in (%srv%) do @net stop %%i /y >nul 2>nul & @sc config %%i start= disabled
:: enable auto update and firewall
@set srv=wuauserv MpsSvc
:: set the start type first, then start the service ("net restart" is not a valid net command)
@for %%i in (%srv%) do @sc config %%i start= auto & @net start %%i >nul 2>nul
:: block the listed inbound TCP and UDP ports
netsh advfirewall firewall add rule name="BLOCK_PORT_TCP" dir=in action=block protocol=TCP localport=135,137,138,139,445,593,1025
netsh advfirewall firewall add rule name="BLOCK_PORT_UDP" dir=in action=block protocol=UDP localport=123,5050,5053
@timeout 32
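A read-only check for the script above, added here as an example and not part of the original script: it reports any listed service that is not disabled, confirms that wuauserv and MpsSvc are set to start automatically, confirms that both block rules exist, and lists blocked TCP ports that still have a local listener. It assumes English-language `sc` and `netstat` output and is meant to be saved as a .bat file; the [WARN], [INFO] and [SKIP] labels are this example's own.

```batch
@echo off
:: Added example, not from the original page: read-only verification.
setlocal
set srv=LanmanServer WerSvc RemoteRegistry ShellHWDetection lmhosts SENS COMSysApp EventSystem SSDPSRV Dnscache MSDTC Spooler Themes WpnService lfsvc
set bad=0

:: 1. every service in the page's list should have start type DISABLED
for %%i in (%srv%) do (
    sc qc %%i >nul 2>nul
    if errorlevel 1 (
        echo [SKIP] %%i cannot be queried, probably not installed
    ) else (
        sc qc %%i | findstr /r /c:"START_TYPE.*DISABLED" >nul || (
            echo [WARN] %%i is not disabled
            set /a bad+=1
        )
    )
)

:: 2. Windows Update and the firewall service should be set to auto start
for %%i in (wuauserv MpsSvc) do (
    sc qc %%i | findstr /r /c:"START_TYPE.*AUTO_START" >nul || (
        echo [WARN] %%i is not set to start automatically
        set /a bad+=1
    )
)

:: 3. both block rules created by the script should exist
for %%r in (BLOCK_PORT_TCP BLOCK_PORT_UDP) do (
    netsh advfirewall firewall show rule name=%%r >nul 2>nul || (
        echo [WARN] firewall rule %%r is missing
        set /a bad+=1
    )
)

:: 4. informational: ports from BLOCK_PORT_TCP that still have a local
::    listener, such as 135 (RPC endpoint mapper)
for %%p in (135 137 138 139 445 593 1025) do (
    netstat -an -p TCP | findstr /r /c:":%%p .*LISTENING" >nul && echo [INFO] TCP %%p still has a local listener behind the block rule
)

if %bad%==0 (echo All checks passed) else (echo %bad% checks failed)
exit /b %bad%
```

The exit code equals the number of failed checks, so the script can be called from a scheduled task or a deployment tool.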
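Reminders:
- Retire XP and Windows 2013 as soon as possible, and move to Win10 or Win2016. Of course, Apple's operating system and Linux are also relatively safe.
- Retire IE 6, IE 7, IE 8, IE 9 and IE 10 as soon as possible, and move to IE 11 or Edge. Best of all, use only the latest versions of Chrome and Firefox wherever possible.
- Automatic updates must be turned on.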
:: disable 137 138 139 445
sc config MSDTC start= DISABLED
reg add HKLM\SYSTEM\CurrentControlSet\Services\NetBT /v Start /t REG_DWORD /d 4 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" /v EnableMulticast /t REG_DWORD /d 0 /f
reg add HKLM\SOFTWARE\Microsoft\Ole /v EnableDCOM /d N /f
reg add HKLM\SOFTWARE\Microsoft\Rpc /v "DCOM Protocols" /t REG_MULTI_SZ /d ncacn_spx\0ncacn_nb_nb\0ncacn_nb_ipx\0 /f
reg add HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters /v SMBDeviceEnabled /t REG_DWORD /d 0 /f
:: change port 445 to 1445
reg add HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Smb /v SessionPort /t REG_DWORD /d 1445 /f
reg add HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Smb /v DatagramPort /t REG_DWORD /d 1445 /f
:: change RDP 3389 to 60089
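:: takes effect once Remote Desktop Services is restarted; the new port also needs its own inbound firewall rule
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber /t REG_DWORD /d 60089 /f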
REM reg add "HKLM\SYSTEM\CurrentControlSet\Services\RpcSs" /v ListenOnInternet /t REG_SZ /d N /f
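:: The two messages below tell the user to close ports 137, 138 and 139 by hand:
:: Local Area Connection properties -> Internet Protocol (TCP/IP) -> Properties -> Advanced -> WINS, disable NetBIOS over TCP/IP
echo "手動操作關閉137、138、139端口"
echo "本地連接屬性->Internet協議 (TCP/IP)->屬性->高級->WINS,禁用TCP/IP上的NetBIOS"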
start /w ncpa.cpl
:: Windows: disable CTRL-ALT-DEL
:: DisableCAD=1 removes the requirement to press CTRL+ALT+DEL before logon
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v DisableCAD /t REG_DWORD /d 1 /f
http://blog.sina.com.cn/s/blog_56cb31070102wgah.html
http://www.computerstepbystep.com/turn-off-multicast-name-resolution.html
http://xfocus.net/articles/200408/723.html