Go Premium for a chance to win a PS4. Enter to Win


xp sharing c$

Posted on 2004-04-27
Medium Priority
Last Modified: 2010-04-17
I notice that windows xp has drive c shared as c$

but how do you get into it. as well as the other drives and folders it is sharing.
how do you turn them off as well
Question by:bman9111

Expert Comment

ID: 10932311
The C$ share is just a hidden share (permissions adjustable)

From the command prompt map using
net use x: \\pcname\c$

To remove
net use x: /delete


Expert Comment

ID: 10932979
C$ is default share.  It cannot be disabled, but a network user would have to know a login (I belive it must be an administrator) to get access to the share.  If you go to start -> control panel -> Administrative Tools -> Computer Management, then expand "shared folder" and click "shares", you will see all your shares, default or otherwise.  If you try to stop sharing C$, it will give you a warning and optionally stop it.  It will automatically be reshared when you restart your computer, however.  Hope this helps, just ask if you don't understand anything or need anything else.

Expert Comment

ID: 10933788
You can disable it for good by using a registry setting

-click start, run, type in regedit and hit enter
-navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters
-create, or set if they already exist, the two keys AutoShareServer and AutoShareWks to 0 (they should be REG_DWORD type)
-the next time you reboot, you will no longer have this share enabled

Caution: Microsoft Systems Management Server (SMS) and Microsoft Operations Manager (MOM) use this share, but if this is a home computer you will not have these running, and it is ok to disable them, if this is a work computer, check if these services are in use first. (generally there is no good reason to have C$ shared)

for a picture of this and more information, view this page http://www.winguides.com/registry/display.php/4/ or http://www.anandtech.com/guides/viewfaq.html?i=139

Hope this helps,
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Expert Comment

ID: 10933947
I have several hidden files like c$, but the users that have xp can see all of the shared folders because xp pulls them all in.
I am using mmc and have a group policy, is there a place that I can check that will block xp from pulling in all shared folders on the network???

bman9111, I hope you do not oppose of me on asking this...

Author Comment

ID: 10933951
no problem as long as the experts don't mind.......

Expert Comment

ID: 10934450
I would take a look at http://www.practicallynetworked.com/sharing/xp/filesharing.htm
the first paragraph says the following:

Windows XP lets you share a computer's disks and folders with other computers on the network, using a method called Simple File Sharing. And it really is simple. If a disk or folder is shared, everyone on the network can access it. There are no user permissions and no passwords. Because sharing in this way is so wide open, Windows XP tries to protect you from some potential security risks.

So, it sounds like simple file sharing is the thing 'pulling in' the shared folders

I would disable this by doing the following:
 Click Start > My Computer > Tools > Folder Options
 Select the View tab
 Go to Advanced Settings,  
 clear the Use Simple File Sharing box
 click Apply

Now, simple file sharing can not be disabled on windows home edition, so to kinda fix the problem add a $ sign in front of the share, this makes it invisible, however, if a person knows the name of the shared file it can still be accessed.

if you are looking for a quicker solution for multiple machines you can make a reg file from the following text:

;Do not use Simple File Sharing

just copy everything between the = signs and save it in notepad as a "somename.reg" include the quotes and just run that on each machine.

Hope this helps some,

Expert Comment

ID: 10934478
I was mistaken above, add the $ sign to the end of a share name to make it a hidden one, instead of in the front,
btw, hidden shares can be accessed without drive mapping, you just have to type in the name of it.

If your computer was named bob, this would access his hidden c$ share:


Expert Comment

ID: 10936172
not entirely.

you'd connect something along these lines:

    TCHAR szRemoteResource[_MAX_PATH];
    DWORD dwRetVal = NO_ERROR;

    // Remote resource, \\remote\ipc$, remote\admin$, ...
    ::sprintf(szRemoteResource, _T("\\\\%s\\%s"), strRemoteMachineIP.GetBuffer(0), strResource.GetBuffer(0));
    //ie... \\bob\C$

    // Then you have to specify a username and password
   // Under WIn2k this defaults to "Administrator" and will accept a NULL password!!!!! w00ps M$...

    // Disconnect or connect to the resource, based on bEstablish
    if (bEstablish)
        NETRESOURCE nr;
        nr.dwType = RESOURCETYPE_ANY;
        nr.lpLocalName = NULL;
        nr.lpRemoteName = (LPTSTR)&szRemoteResource;
        nr.lpProvider = NULL;
        //Establish connection (using username/pwd)
        dwRetVal = ::WNetAddConnection2(

//Now you can copy files over using standard copy commands :D


HANDLE hFileServiceExecutable = ::CreateFile(


anyways, have fun...

If the service does not exist by the way and you already have the remote machines username and password create the share remotely using
WMI, this will allow you to execute services and do all sorts of funky stuff with the connection.

Hope that helps.


Author Comment

ID: 10943237
the problem I am having is the c$ is in showing shared under the computer management

But I have no idea how to make it not shared or better yet be able to get in. I have a user account called Admin with a password, I tried to map to the drive and even took the option to enter a username and password so I used the same as Admin. but nothing. that and the user account which is classified under power user I have no other idea what the password could be. or better yet how to even make a folder with a password. I am assuming the password is coming from the admin account login password...


Expert Comment

ID: 10945653
Hello again

did you try to do the things in my posts?
you should be able to disable the administrative share with it, or you should be able to access it using the format i showed. no need for fancy scripts.


Author Comment

ID: 10948373

that site you listed, states tht you can hide a folder with a $ at the end of the share name. Well I did that but xp pulls in all the folders no matter what. meaning I have 5 computers with win 98 and 3 with xp.

with the option located in folder options - view tab - Automactically Search for network folders and printers

it pulls in everything. I no that if you uncheck this that the folders will not come in, but if a user figures out that by checking this box all folders will come in we are done. I really need to see how to prevent or remove this option from this box. Do you know of anything. I have created a group policy and do not see anything in relations to that. Please help


Accepted Solution

JediPimp earned 120 total points
ID: 10952627

I do not currently have a network to test whether this will work, but in gpedit.msc there might be a setting that can help.

Under the Local Computer Policy > User Configuration > Shared Folders > Allow Shared folder to be published - Set to Disabled
The description says it will the publishing of shared folders in the Active Directory.  This may prevent the other windows machines from seeing the shared folders.

Additionally, under the local security settings > Local Policies > Security Options > Network access: Let Everyone permissions apply to anonymous users - Set to Disabled

This should force users to use a username and password of the computer they are trying to access the share of.

Under that same location make sure that Network access: Shares that can be accessed anonymously is set to blank, if not clear them all out.

None of these will get rid of the shares, if the user knows the share name, but it they are trying to access a computer's share they will need a user name and password from that computer, so if all the computers have different passwords for the users, they shouldn't be able to get to them, at most they could see them.

If this doesn't work, just tell me and i will search for different options,


Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What do responsible coders do? They don't take detrimental shortcuts. They do take reasonable security precautions, create important automation, implement sufficient logging, fix things they break, and care about users.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question