Category: Microsoft

How to Find Hidden & Saved Passwords in Windows 10

For years users have wanted to save time and effort when accessing servers on the network, Web sites requiring credentials, etc. So, there have been options in the operating system to save usernames and passwords for faster and easier access. I am sure you have seen this, either in a prompt or a checkbox, asking you to save the password. In Windows, you have the ability to store the credentials for resources that you access often, or just don’t want to have to remember the password.  Although this is a time-saving option, you might want to reconsider using this feature due to security issues.

Key Holder

Windows stores the passwords that you use to log in, access network shares, or shared devices. All of these passwords are stored in an encrypted format, but some passwords easily are decrypted using your Windows login password.

Windows stores the login credential details in a hidden desktop app named Credential Manager. Here is how to find this app, how to see which credentials are stored by Windows and how to manage them:

What is the Credential Manager?

Credential Manager is the “digital locker” where Windows stores log-in credentials like usernames, passwords, and addresses. This information can be saved by Windows for use on your local computer, on other computers in the same network, servers or internet locations such as websites. This data can be used by Windows itself or by programs like File Explorer, Microsoft Office, Skype, virtualization software and so on. Credentials are split into several categories:

  • Windows Credentials – are used only by Windows and its services. For example, Windows can use these credentials to automatically log you into the shared folders of another computer on your network. It can also store the password of the Homegroup you have joined and uses it automatically each time you access what is being shared in that Homegroup. If you type a wrong log-in credential, Windows remembers it and fails to access what you need. If this happens, you can edit or remove the incorrect credential, as shown in later sections of this article.
  • Certificate-Based Credentials – they are used together with smart-cards, mostly in complex business network environments. Most people will never need to use such credentials and this section is empty on their computers. However, if you want to know more about them, read this article from Microsoft: Guidelines for enabling smart card logon with third-party certification authorities.
  • Generic Credentials – are defined and used by some of the apps you install in Windows so that they get the authorization to use certain resources. Examples of such apps include OneDrive, Slack, Xbox Live, etc.
  • Web Credentials – they represent login information for websites that are stored by Windows, Skype, Internet Explorer or other Microsoft apps. They exist only in Windows 10 and Windows 8.1, but not in Windows 7.

How to open the Credential Manager in Windows:

The method that works the same in all versions of Windows. First, open the Control Panel and then go to “User Accounts  –> Credential Manager.”

Capture-1

You’ll notice there are two categories: Web Credentials and Windows Credentials. The web credentials will have any passwords from sites that you saved while browsing in Internet Explorer or Microsoft Edge. Click on the down arrow and then click on the Show link.

Capture-2

You’ll have to type in your Windows password in order to decrypt the password.

Capture-4

f you click on Windows Credentials, you ’ll see fewer credentials stored here unless you work in a corporate environment. These are credentials when connecting to network shares, different computers on the network, or network devices such as a NAS.

Capture-3

In the same way, I’ll also mention how you can view Google Chrome saved passwords. Basically, each browser has the same feature, so you can do the same thing for Firefox, Safari, etc. In Chrome, click on the three dots at the top right and then click on Settings. Scroll down and then click on Passwords.

Under Passwords, enable Offer to save your web passwords. You can view the saved passwords.

Capture-5

History of the Credential Manager:

According to a 1996 Network Applications Consortium (NAC) study, users in large enterprises spend an average of 44 hours per year performing login tasks to access a set of four applications. The same study revealed that 70 percent of calls to companies’ Help desks were password-reset requests from users who had forgotten a password.

Single sign-on (SSO) is an approach that attempts to reduce the time users spend performing login tasks and the number of passwords users must remember. The Open Group, an international vendor and technology-neutral consortium dedicated to improving business efficiency, defines SSO as the “mechanism whereby a single action of user authentication and authorization can permit a user to access all computers and systems where that user has access permission, without the need to enter multiple passwords”

SSO solutions come in two flavors: solutions that deal with one set of user credentials and solutions that deal with multiple sets of user credentials.

A good example of the first type of solution is a Kerberos authentication protocol-based SSO setup.

A good example of the second type of solution is the Credential Manager. Credential Manager is a new SSO solution that Microsoft offers in Windows Server 2003 and Windows XP. It’s based on a secure client-side credential-caching mechanism.

The Windows 2000 (and earlier) requirement that users must re-enter the same credentials whenever they access resources on the same Internet or intranet server can be frustrating for users, especially when they have more than one set of credentials. Administrators often must cope with the same frustration when they have to switch to alternative credentials to perform administrative tasks. Credential Manager solves these problems.

Conclusion:

Browser-stored passwords make it easy for hackers to get inside your network

allowing a browser to “remember” passwords can pose a major security risk because:

  • Password recovery tools can easily find these passwords.
  • Browsers typically do not use strong encryption for these passwords.
  • Users do not monitor and rarely change these passwords once they store them in their browser.

DO NOT USE THE “REMEMBER PASSWORD” FEATURE ON APPLICATIONS SUCH AS WEB BROWSERS (Google Chrome, Mozilla Firefox, Safari, Internet Explorer etc.)

For IT Admins:

Get your FREE Browser-Stored Password Discovery Tool from Thycotic to quickly and easily identify risky storage of passwords in web browsers among your Active Directory users. You get reports that identify:

  • Top 10 common machines with browser-stored passwords
  • Top 10 common users with browser-stored passwords
  • Top 10 most frequently used websites with browser-stored passwords

The Browser-Stored Password Discovery Tool is free. You can re-run the Browser-Stored Password Discovery Tool at any time to identify browser password risks and help enforce compliance with web browser security policies.

Source: online-tech-tips, digitalcitizen, techgenix,

 

The top 10 features of Windows Server 2016

Windows Server 2016 as compared to the previous version focuses more on cloud and virtualization. The top 10 features of 2016 version are as follows:

1. Windows Nano Server

Nano Server is a pared down headless version (no local login) of Windows Server. Nano Server will have a 93% smaller VHD size, 92% fewer critical bulletins and 80% fewer required reboots. Nano Server is a Windows Server installation options and it’s completely headless – there’s no GUI and no command prompt. Nano Server is designed to run Hyper-V, Hyper-V cluster, and Scale-Out File Servers (SOFSs) and cloud service applications.

2. Windows Server Containers and Hyper-V Containers

The next biggest change in Windows Server 2016 will be support for containers. Containers enable you to isolate your applications from the underlying OS improving the deployment and reliability of those applications. Windows Server 2016 will provide two kinds of native containers: Windows Server Containers and Hyper-V Containers.  Windows Server Containers are isolated from each other, but they run directly on the Windows Server 2016 OS. Hyper-V Containers provide enhanced isolation by running the containers from a Hyper-V VM.

FB-Server-2016-2-1200x600

3. Docker Support

Docker is an open-source engine that’s used for building, running and managing containers. Docker containers were originally built for Linux but the next version of Windows Server will provide built-in support for the Docker engine as well. A new open-source Docker engine project has been built for Windows Server with Microsoft participating as an active open source community member. You can use Docker to manage Windows Server and Hyper-V Containers.

4. Rolling upgrades for Hyper-V and Storage clusters

One of the biggest new changes for Hyper-V in Windows Server 2016 is rolling upgrades for Hyper-V clusters. The new rolling upgrades feature allows you to add a new Windows Server 2016 node to a Hyper-V cluster with nodes that are running Windows Server 2012 R2. The cluster will continue to run at the Windows Server 2012 R2 functional level until all of the cluster nodes have been upgraded to Windows Server 2016. When the cluster has mixed level nodes the management must be done from Windows Server 2016 or Windows 10. New VMs on a mixed cluster will be compatible with the Windows Server 2012 R2 feature set.

5. Hot add & remove of virtual memory network adapters

Another great new feature in Windows Server 2016 Hyper-V is the ability to add and remove the virtual memory and virtual network adapters while the virtual machine is running. In previous releases, you need to use dynamic memory to change the minimum and maximum RAM settings of a VM that is running. Windows Server 2016 enables you to change the allocated RAM while the VM is active even if the VM is using static memory. Likewise, you add and remove network adapters while VM is running.

6. Nested virtualization

Added primarily for the new container support, Windows Server 2016’s nested virtualization capabilities will also be a handy addition for training and lab scenarios. With this new feature, you are no longer limited to running the Hyper-V role on a physical server. Nested virtualization enables you to run Hyper-V within a Hyper-V virtual machine.

7. PowerShell Direct

PowerShell is a great management automation tool but it can be complicated to get it to run remotely against your VMs. You need to worry about security policies, firewall configurations, and your host networking configuration. PowerShell Direct enables you to run PowerShell commands in the guest OS of a VM without needing to go through the network layers. Like VMConnect (the remote console support provided by the Hyper-V Manager) it requires zero configuration it connects directly to the guest VM and all you need are authentication credentials for the VM’s guest OS.

8. Linux Secure Boot

Another new feature in Windows Server 2016 Hyper-V is the ability to enable secure boot for VMs with Linux guest operating systems. Secure Boot is a feature of the UEFI firmware specification incorporated in Generation 2 VMs that protects the VM’s hardware kernel mode code from being attacked by rootkits and other boot-time malware. Previously, Generation 2 VMs supported Secure Boot for Windows 8/8.1 and Windows Server 2012 VMs but not VM’s running Linux.

9. New Host Guardian Service and Shielded VMs

The Host Guardian Service is a new role in Windows Server 2016 that enables shielded virtual machines and protects the data on them from unauthorized access – even from Hyper-V administrators. Shielded VMs can be created using the Azure Management Pack Portal. Standard VMs can also be converted to Shielded VMs. With Shielded VMs Hyper-V virtual disks can be encrypted with BitLocker.

10. Storage Spaces Direct

Windows Server 2016 also has a number of storage system improvements one of the most important is the new Storage Spaces Direct feature. Storage Spaces Direct is the evolution of the previous Storage Spaces technology found in Windows Server 2012 R2. Windows Server 2016 Storage Spaces Direct allows a cluster to access JBOD storage in an external enclosure like Windows Server 2012 R2 or it can also allow access to JBOD and SAS disks that are internal to the cluster nodes. Like the previous release, Store Spaces form the basis for Storage Pools and they support both SSD and HDD disks and data tiering.

Source: itprotoday

How to find ALL the saved Wi-Fi passwords in Windows 10

In my previous blog post, I had posted a detailed explanation on how to view the currently connected network Wi-Fi password saved in Windows 10 PC. On this post, we are going to see ALL the Wi-Fi passwords (currently connected and previously connected networks, even if you’re not connected to them anymore) saved in the Windows 10 PC.

There can be a lot of reasons as to why you might want to know the Wi-Fi password for a network you are currently connected to or you have connected in the past. For example, we need to enter the same password in another device. Or worse, we need the password of the Wi-Fi router which we aren’t currently connected to.

Windows OS normally saves the Wi-Fi passwords whenever you connect to any wireless networks. This feature reconnects the Wi-Fi network automatically for the next time.

But, Windows 10 does not show the saved passwords of other disconnected networks in settings directly. We can view all the disconnected Wi-Fi network passwords by using command prompt / Windows PowerShell or by using some external tools.

  1. Command Prompt or Windows PowerShell
  2. WirelessKeyView
  3. Wi-Fi password revealer
  1. Command Prompt or Windows PowerShell:

Step 1: Press Windows Key + X  à Click on Windows PowerShell (Admin)

Step 2: Run the following command to show all the Wi-Fi profiles saved on your computer:
netsh wlan show profiles

Image-A

Step 3: Now to view the saved password of a particular Wi-Fi network, type this command substituting “NETWORK NAME” with the Wi-Fi network you’re looking up:

netsh wlan show profile “NETWORK NAME” key=clear

Example: netsh wlan show profile “Mad’s Moto” key=clear

Image-B

You’ll see your Wi-Fi password in ‘Key Index,’ under Security settings.

You have to run the command with each Wi-Fi profile name or SSID (Service Set Identifier) to know the password.

2. WirelessKeyView: WirelessKeyView is a small freeware utility which will show you all your saved Wi-Fi passwords. WirelessKeyView recovers all wireless network security keys/passwords (WEP/WPA) stored in your computer by the ‘Wireless Zero Configuration’ service of Windows.

Version available: WirelessKeyView v2.05 (32 Bit & 64Bit).

NOTE: Some Antivirus programs detect WirelessKeyView utility as infected with Trojan/Virus. I had installed and tested on my laptop, didn’t face any issue. Safe to use.

wirelesskeyview

3. Wi-Fi password revealer: Wi-Fi password revealer(finder) is a small freeware utility which will show you all your saved Wi-Fi passwords.

You just have to download Wi-Fi password revealer, install and run it. There is no configuration required.

Wi-Fi password revealer

NOTE #1: This is NOT Wi-Fi password sniffer or stealer. It will only show your saved Wi-Fi passwords (which you have entered in the past).

NOTE #2: Administrator rights are required on your PC in order to decrypt stored passwords.

Source: guidingtech, nirsoft, magicaljellybean

How to find a Wi-Fi password on a Windows 10 PC?

If you are trying to see the password for the network that you’re currently connected to, follow these steps:

Step 1: Press Windows Key + X + C  > Click on Settings

Image-1

Step 2: Click on Network & Internet

Image

Step 3: Click on Network and Sharing.

Image-2

Step 4: When the Network and Sharing Center opens, click on the Connections’ Wi-Fi network link

Image-3

 

Step 5: Click the Wireless Properties button on Wi-Fi Status Window.

Image-4

Step 6: Select the Security tab and check the box to show characters to reveal the password.

Image-5

 

NOTE: You must have administrator rights to the computer to view this information.

WINDOWS 10 INSIDER PREVIEW BUILD 16232 will Protect Against Ransomware Attacks

In the wake of recent devastating global ransomware outbreaks, Microsoft has released Insider Preview Build 16232 for Windows 10 operating system to protect against ransomware and other emerging threats that specifically targets its platform.

Microsoft is planning to introduce the security features in Windows 10 Creator Update (also known as RedStone 3), which is expected to release sometime between September and October 2017.

Image-2

The anti-ransomware feature, dubbed Controlled Folder Access, is part of Windows Defender that blocks unauthorized applications from making any modifications to your important files located in certain “protected” folders.

Applications on a whitelist can only access Protected folders. So, you can add or remove the apps from the list. Certain applications will be whitelisted automatically, though the company doesn’t specify which applications.

Once turned on, “Controlled folder access” will watch over files stored inside Protected folders and any attempt to access or modify a protected file by non-whitelisted apps will be blocked by Windows Defender, preventing most ransomware to encrypt your important files.

So, whenever an application tries to make changes to Protected files but is blacklisted by the feature, you will get a notification about the attempt.

How to Enable Controlled Folder Access, Whitelist Apps and Add or Remove Protected Folders:

Here’s how to enable the Controlled folder access feature:

Go to Start menu and Open the Windows Defender Security Center

Go to the Virus & Threat Protection settings section

Set the switch to On

Here’s how to allow apps that you trust is being blocked by the Controlled folder access feature to access Protected folders:

Image-3

Go to Start menu and Open the Windows Defender Security Center

Go to the Virus & Threat Protection settings section

Click ‘Allow an app through Controlled folder access’ in the Controlled folder access area

Click ‘Add an allowed app‘ and select the app you want to allow

Windows library folders like Documents, Pictures, Movies, and Desktop are designated as being compulsorily “protected” by default, which cannot be removed.

However, users can add or remove their personal folders to the list of protected folders. Here’s how to add folders to Protected folders list:

Image-4

Go to Start menu and Open the Windows Defender Security Center

Go to the Virus & Threat Protection settings section

Click ‘Protected folders’ in the Controlled folder access area

Enter the full path of the folder you want to monitor

Users can also enter network shares and mapped drives, but environment variables and wildcards are not supported at this moment.

HOW TO INSTALL INSIDER PREVIEW BUILD 16232

The new build is available for download via Windows Update, so it’ll be automatically downloaded and installed on all computers running Windows 10 Insider Preview soon.

If you want to manually download and install the new build ASAP, you can do this using following simple steps:

  1. Open Settings app from Start Menu.
  2. Click on Update and security icon.
  3. Once you open Windows Update section, it’ll automatically start checking for new builds. Otherwise, you can click on “Check for updates” button.
  4. Click on “Download now” button to start downloading the new update build of Windows 10.

After downloading the build, your computer will automatically restart to install the new update.

The download size will be around 2 or 3 GB depending upon the computer architecture (32-bit or 64-bit) and system language.

 PS: If you can’t find the new build on Windows Update, following tutorial will help you:

[Fix] New Insider Preview Builds of Windows 10 Not Showing on Windows Update

Source: The Hackernewsaskvg, Microsoft

 

What is that popup on Windows 10 that disappears after a split second?

If you run Windows 10, you may have noticed a popup window being launched on the screen once a day, or even regularly.

It is spawned and immediately closed again. This makes it difficult to understand what spawns it, why it is launched, and whether it is something that you need to be concerned about.

One of the issues of this is that you may be thrown out of full-screen applications when that happens. Several users of Windows 10 reported that they get the window every hour or so and that it makes playing games a nightmare because of that.

The file that gets executed every hour or so is called officebackgroundtaskhandler.exe, and you can find it under

C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe

If you check the log on your system, for instance, you may notice that this is the case on your Windows 10 device.

officebackgroundtaskhandler

This issue has been a hot topic since April 15th when a user reported it on Microsoft’s official Answer forum.

Is there a really, really good reason that the “OfficeBackgroundTaskHandlerRegistration” task (see it in Task Scheduler, Microsoft, Office) must run every hour?  This is what it says that it does: “This task initiates Office Background Task Handler, which updates relevant Office data.”

 I ask because it runs officebackgroundtaskhandler.exe in such a way that it flashes a window (itself) on the screen. Only instantaneously to be sure, but it’s noticeable, especially once you catch onto what’s happening. You can run the task manually if you want to see it without waiting.

 Why doesn’t the task use one of the many tricks to hide a window from displaying? 

If Microsoft Office runs on the Windows 10 machine, two tasks are scheduled to run OfficeBackgroundTaskHandler. They are:

  • OfficeBackgroundTaskHandlerLogon which runs when the user logs on to the system.
  • OfficeBackgroundTaskHandlerRegistration which runs every hour.

 Solutions:

The task window should not be launched when the task is run, and there are plenty of ways that Microsoft could have picked to hide the task window instead of spawning it every hour on the user system.

The two main options that you have been to disable the task, or to switch it from running under User to System.

1.     Disabling the Task

office task

It is unclear what the task does, and you should monitor Office closely after disabling it to make sure everything works as intended. The task is still run on login though.

  1. Tap on the Windows-key, type Task Scheduler, and hit the Enter-key.
  2. Go to Task Scheduler > Task Scheduler Library –> Microsoft > Office
  3. Locate the task OfficeBackgroundTaskHandlerRegistration.
  4. Right-click on the task, and select the disable option.

2.     Run under System account

The second option that you have is to change the user group the task runs under. Switching it to System reportedly hides the popup window from spawning.

office task2

  1. Tap on the Windows-key, type Task Scheduler, and hit the Enter-key.
  2. Go to Task Scheduler > Task Scheduler Library > Microsoft > Office
  3. Right-click on OfficeBackgroundTaskHandlerRegistration and select Properties.
  4. Select “Change User or Group”.
  5. Type system.

Click ok.

Or Wait for some time, Microsoft is going to release the patch build 16.0.8201.2025. As of now this patch released for those participating in the Office Insiders Slow program. It will be included in a future update for those not participating in Insiders.

How to install Office updates manually?

Check the link given below:

https://support.office.com/en-us/article/Install-Office-updates-2ab296f3-7f03-43a2-8e50-46de917611c5

Source: ghacks, Microsoft, MS Office

Stop using the insecure SMBv1/SMB1 protocol

The recent WannaCry ransomware outbreak spread because of a vulnerability in one of the internet’s most ancient networking protocols, Server Message Block version 1 (aka SMBv1 / SMB 1).

Barry Feigenbaum originally designed SMB at IBM. Microsoft has made considerable modifications to the most commonly used version. Microsoft merged the SMB protocol with the LAN Manager product.

The original SMB1 protocol is nearly 30 years old, and like much of the software made in the 80’s, it was designed for the world that no longer exists. The world without malicious actors, without vast sets of important data, without near-universal computer usage. Frankly, its naivete is staggering when viewed through modern eyes.

The Server Message Block, or SMB, protocol is a file sharing protocol that allows operating systems and applications to read and write data to a system. It also allows a system to request services from a server.

This is the protocol mainly used for providing shared access to files, printers, and serial ports and miscellaneous communications between nodes on a network.

In computer networkingServer Message Block (SMB), one version of which was also known as Common Internet File System (CIFS) operates as an application-layer network protocol.

There have been numerous vulnerabilities tied to the use of Windows SMB v1, including remote code execution and denial-of-service exploits. These two vulnerabilities can leave a system crippled, or allow attackers to compromise a system using this vulnerable protocol.

Protocol Version Windows OS
SMB 1 Windows 2000, Windows 2003, Windows XP
SMB 2 Windows Server 2008 and Windows Vista SP1
SMB 2.1 Windows Server 2008 R2 and Windows 7
SMB 3.0 Windows Server 2012 and Windows 8
SMB 3.0.2 Windows Server 2012 R2 and Windows 8.1
SMB 3.1.1 Windows Server 2016 and Windows 10

SMB 1 protocol permits man-in-the-middle exploits and it “isn’t safe” to use. An attacker can use SMB 2 to pull information from the insecure SMB 1 protocol if it exists in a network.

The nasty bit is that no matter how you secure all these things if 
your clients use SMB1, then a man-in-the-middle can tell your client
to ignore all the above. All they need to do is block SMB2+ on 
themselves and answer to your server's name or IP.Your client will 
happily derp away on SMB1 and share all its darkest secrets unless
you required encryption on that share to prevent SMB1 in the first 
place. This is not theoretical-- we've seen it.

                 ~ Ned Pyle, a Principal Program Manager, Microsoft

 

How to remove SMB V1 /SMB 1 in Windows OS?

Windows 8.1 and Windows 10:

Method-1: Open Control Panel (just start typing Control in the search box to find its shortcut quickly). Click Programs, and then click Turn Windows features on or off (under the Programs heading). Or

Start –> Run –> Type appwiz.cpl –> press enter –> Click Turn Windows features on or off

Clear the check box for SMB 1.0/CIFS File Sharing Support, as shown here. That’s it; you’re protected.

SMB1

Method-2:  open a Windows PowerShell prompt with administrative privileges. In the Windows 10 Creators Update, version 1703, right-click the Start button and choose Windows PowerShell (Admin) from the Quick Link menu.) If you’re running an earlier Windows 10 version, enter Windows PowerShell in the search box, then right-click the Windows PowerShell shortcut and click Run as administrator. From that elevated PowerShell prompt, type the following command:

Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol

Press Enter and you’re done.

Note You must restart the computer after you make these changes.

Windows 2012 R2, and Windows Server 2016:

Method-1: Launch Server Manager from Command Line.

Press the Windows key + R to open the Run box, or open the Command Prompt. Type ServerManager and press Enter.

Run

Or Launch Server Manager from Taskbar

Task bar

On Server, the Server Manager approach:

image495

Method-2: On Server, the PowerShell approach (Remove-WindowsFeature FS-SMB1):

Remove-WindowsFeature Name FS-SMB1

image496

On legacy operating systems:

When using operating systems older than Windows 8.1 and Windows Server 2012 R2, you can’t remove SMB1 – but you can disable it.

Windows 8 and Windows Server 2012:

Windows 8 and Windows Server 2012 introduce the new Set-SMBServerConfiguration Windows PowerShell cmdlet. The cmdlet enables you to enable or disable the SMBv1, SMBv2, and SMBv3 protocols on the server component. (A cmdlet is a lightweight command that is used in the Windows PowerShell environment.)

  • To disable SMBv1 on the SMB server, run the following cmdlet:

Set-SmbServerConfiguration -EnableSMB1Protocol $false

  •  To enable SMBv1 on the SMB server, run the following cmdlet:

Set-SmbServerConfiguration -EnableSMB1Protocol $true

 Windows Server 2008 R2 and Windows Server 2008:

To enable or disable SMB protocols on an SMB Server that is running Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008, use Windows PowerShell or Registry Editor.

Windows PowerShell 2.0 or a later version of PowerShell

  • To disable SMBv1 on the SMB server, run the following cmdlet:

Set-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters” SMB1 -Type DWORD -Value 0 -Force

  • To enable SMBv1 on the SMB server, run the following cmdlet:

Set-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters” SMB1 -Type DWORD -Value 1 -Force

 Note You must restart the computer after you make these changes.

Registry Editor:

Important

This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to backup, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:  322756 How to backup and restore the registry in Windows

To enable or disable SMBv1 on the SMB server, configure the following registry key:

Registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\ParametersRegistry entry: SMB1
REG_DWORD: 0 = Disabled
REG_DWORD: 1 = Enabled
Default: 1 = Enabled

Windows Vista, Windows 7, and Windows 8:

  • To disable SMBv1 on the SMB client, run the following commands:

sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
sc.exe config mrxsmb10 start= disabled

  • To enable SMBv1 on the SMB client, run the following commands:

sc.exe config lanmanworkstation depend= bowser/mrxsmb10/mrxsmb20/nsi
sc.exe config mrxsmb10 start= auto

Source: Microsoftzdnettechnet.microsoftredmondmagtop-password, techtargetwindowsitpro