When I try to stop sharing of these "default" shares (the entire PC), a message pops-up: "The share was created for administrative purposes. It will reappear, when Server service or the computer restarts." Share permissions for these folders aren't accessible: "This was created for administrative purposes. Share permissions and file security can not be set". Does this mean, an admin has no way to stop hidden sharing of the entire PC? All these shares are easily accessible from Linux via Samba, and most users have no idea about it. What "Server service" it refers to - SMB? How exactly can a user share ONLY folders selected by him? Can it also be related to turning On Windows Services for NFS in Win7 Programs and Features? But the shares still can't be "unshared" after switching the NFS service Off in Services. On what TCP and UDP ports these "administrative shares" are accessible?

Found these articles: Overview of problems that may occur when administrative shares are missing Windows Administrative Shares Wiki Shared Folders, Ports and Windows Firewall

When servicing my friend's PC, I opened Shared Folders Management Console by running fsmgmt.msc , and there was a long list of Default Shares, including all PC drives and admin account, all open for sharing. This is despite he shared only 3 media folders, and only these folders are visible under Network in Win Explorer. But when mounting Windows shares on some Linux Samba clients, his entire drive collection is mounted like D$, ADMIN$, etc. and accessible, still requiring Login, despite he shared just 3 folders on one drive. Why all drives get listed as Default Shares in this Snap-in, is it how Win 7 installs by default? Or it may be a result of Security Policies change - which ones? He didn't do it manually. Is that a hidden way, Microsoft can access any drive on any PC? What programs can cause this, and how to prevent? And why Win Explorer doesn't show these shares, but only those shared manually through Win Explorer - Folder Properties? Meaning, most users have no clue, there entire PC is freely accessible on LAN, and with some port forwarding also on WAN. Most people assign very weak passwords for user accounts, and there is likely a MS designed password bypass as well.

When I try to stop sharing of these "default" shares (the entire PC), a message pops-up: "The share was created for administrative purposes. It will reappear, when Server service or the computer restarts." Does this mean, an admin has no way to stop hidden sharing of the entire PC? All these shares are easily accessible from Linux via Samba, and most users have no idea about it. What "Server service" it refers to - Samba? How exactly can a user share ONLY folders selected by him?

Hi, I have involved the other engineer who is more familiar with this type issue. She/he will reply you as soon as possible. Thank you for your understanding.Kim Zhou TechNet Community Support

Hi, Based on my knowlege, the shares by default exists because they are very important to be shared for the connection. by default, Windows 7 will list some administrative shares, such as C$, D$. Administrative shares exists because the administrators and computer support technicians need to access other networked computers and manage their services. Administrative shares are created to allow this remote access for operations like backups or configuring print settings. These are hidden shares of a logical hard disk. They are different from the usual shared folders/directories as they remain invisible and can only be accessed with admin rights on a machine. You can recognize an administrative share when a drive letter or folder name has a $ sign attached at the end. E.g. Drive C is shared as C$. The operating system creates hidden administrative shares for all logical drives with a dollar appended in the end (C$;D$). It also creates the admin$ hidden share for default system root or Windows directory as ADMIN$. Other common administrative shares are IPC$, PRINT$, and FAX$ shares. Please understand these shares exists because they are very important and necessary. So we'd better keep them in the list. And Microsoft strongly recommend you to not disable them, or the computer cannot be accessed and get into troubles. However, you said that the list contains many connection from Linux server. We're not sure why the Linux Server will create these connections for administrative share, but I think it may need to connect / access from Linux server. I suggest you to post for the Linux team to see why it needs to establish these connections and what they are for. If anything is unclear in my post, please feel free to let me know. Thanks for your understanding. Best Regards, Annie Gu

Addtional, the article Overview of problems that may occur when administrative shares are missing you found has explained that why we need these administrative shares exists. So we don't recommend you to disable them. thanks.