Importance of default windows shares

Per this article from the Microsoft Knowledge Base:

• DriveLetter$: This is a shared root partition or volume. Shared root partitions and volumes are displayed as the drive letter name appended with the dollar sign ($). For example, when drive letters C and D are shared, they are displayed as C$ and D$.
• ADMIN$: This is a resource that is used during remote administration of a computer.
• IPC$: This is a resource that shares the named pipes that you must have for communication between programs. This resource cannot be deleted.
• NETLOGON: This is a resource that is used on domain controllers.
• SYSVOL: This is a resource that is used on domain controllers.
• PRINT$: This is a resource that is used during the remote administration of printers.
• FAX$: This is a shared folder on a server that is used by fax clients during fax transmission. Note NETLOGON and SYSVOL are not hidden shares. Instead, these are special administrative shares

You can remove these shares live as per Roy's answer.

Note: Windows will automatically create the admin shares after a reboot. To prevent this behavior, use regedit to find the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters

Create the following 2 DWORD registry values:

AutoShareServer 0
AutoShareWks 0

Look at this microsoft article:
How to create and delete hidden or administrative shares on client computers

To delete a hidden share, follow these steps:

In Control Panel, double-click Administrative Tools, and then double-click Computer Management.
Expand Shared Folders, and then click Shares.
In the Shared Folder column, right-click the share that you want to delete,
click Stop sharing, and then click OK.

Troubleshooting
Test the functionality of your programs and services after you disable the default administrative shares. Some Windows services depend on the existence of these shares.

EDIT: (Thanks Bork Blatt)
You need to edit registry to prevent shared drives from being re-created after you restart the computer.
wiki

The only things I'm aware of it breaking are MS management software, like SMS and MOM. Even the howto KB above only gives a "microsoft recommends against", not terribly dire.

I suppose if you're hardcore they are a liability. I find them useful and use C$/D$ every day. Since you'd need to be an administrator to connect to them, I don't see a reason for removing them. Roy has already linked the MS article to get rid of them. I believe it requires a reboot. If you needed to stop people from connecting to all shares while you waited to reboot you could stop the "server" service.

By default these shares can't be accessed anonymously, so a user needs to be already authenticated before they can potentially misuse them. And if the bad guy is already in your network, I think you've bigger things to be worrying about than the default admin shares.

Anyway, aside from even windows services that may depend on them, as an administrator they can be incredibly useful. e.g. if you need to access to the C drive of a machine without having to remote into it.

My instinct is to not mess with built-in functionality, as it may have ramifications far beyond what seems the obvious.

I cannot comment yet but I wanted to expand Bork's post in regards to NETLOGON and SYSVOL shares.

Netlogon will be the default location AD pulls your login scripts from. Sysvol will hold group policies and your catalogs depending on the server role.

@MatthewC If you compromise a machine, add another account, give it Admin access. You can get full access to those network shares. I used to do it to my roommates comp...

It is SO easy to compromise a single machine its not funny.

It used to be recommended for these to be disabled, but too many products which we use to manage environments like SMS/SCCM use them. For instance, some patch-management products deploy using the admin shares. So we leave them on. The key is to ensure that only the valid people who should have administrative rights to the system have it. Because otherwise, someone could come in and re-activate them (yes, I'm aware that you can force the settings back down via GPO, but there are ways of preventing GPO from working or affecting those settings).