Start Powershell as an administrator and run the following to disable SMB Version 1.

PS C:\> Get-SmbServerConfiguration | select enablesmb1protocol


PS C:\> Set-SmbServerConfiguration -EnableSMB1Protocol $false

Are you sure you want to perform this action?
Performing operation 'Modify' on Target 'SMB Server Configuration'.
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"):

PS C:\> Get-SmbServerConfiguration | select enablesmb1protocol


On Windows 2008 you need to do this by using the registry. Add/edit the following Key and set it to 0 (Zero).

To enable or disable SMBv1 on the SMB server, configure the following registry key:

Registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters

Registry entry: SMB1
REG_DWORD: 0 = Disabled
REG_DWORD: 1 = Enabled
Default: 1 = Enabled

Then you need to run some command line (as administrator) programs:

c:\> sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
c:\> sc.exe config mrxsmb10 start= disabled

If you only add the registry change Nessus will then complain that the client is still vulnerable.