How do you remove a default c drive share?

Posted on 2006-03-31
Last Modified: 2012-08-14

I have read that it is good security practice to remove the default c$ share on servers.

I tried adding my own one, and then removing the default c$ but as soon as I closed out of the screens I got an "The share will be restored on re-boot" message...

1) Are there implications with removing the c$ share?

2) If it is safe to remove it or re-name it, how is it done so that it doesn't restore at re-boot?

Many thanks.
Question by:mharcais
    LVL 4

    Expert Comment

    Hi mharcais,

    You can't rename or remove. It's a security point and needed (?) to be accessed by site administrators. It will always stay there, unless you do any hard modifition (I don't know which... Maybe in registry or so...)
    Anyway, as soon as you take it out, it comes back again. The only thing you can do is create passwords for your own access and for pc administrator (I mean PC administrator, not network or site administrator).

    LVL 17

    Expert Comment

    You can remove default shares (and here is how to do it in 2003), but yeah there are repercussions to it.;en-us;816524

    It will prevent some network programs from operating properly, especially some of the remote programs running from another machine... but really, it depends on exactly what you're aiming for in addition to that additional security.
    LVL 4

    Expert Comment

    Yea, unless you need a particularly hardened server, it is better to use permissions to protect the share (the system forces them in place).

    BTW, if you need to do this, some extra events will be seen... and you might not do this on your DC in any case
    LVL 20

    Accepted Solution

    To disable permanently so they will not be recreated on the next reboot, use the following Windows NT / Windows 2000 / Windows XP registry hack:

    Key: SYSTEM\CurrentControlSet\Services\LanManServer\Parameters
    Name: AutoShareServer for servers
    Name: AutoShareWks for workstations
    Type: REG_DWORD
    Value: 0

    For background: Q156365. For details on disabling in Windows XP, see Q314984. In Windows 2000 and Windows XP, you disable the shares via

        * Start
        * Settings
        * Control Panel
        * Systems Tools panel
        * Shared Folders
        * Double-click the Shared Folders branch to expand it
        * Click Shares
        * In the Shared Folder column, right-click the share you want to disable
        * Click Stop sharing
        * Cick OK.

    NOTE: If you disable an administrative share that you have created, it will not be automatically enabled after you restart your computer, and you will need to recreate the share.
    LVL 17

    Expert Comment

    Here's a site you can take a look at if you're into OS hardening like the last few of us have been mentioning:

    It's mainly a matter of figuring out exactly what suits your needs and requirements.... no need to go too far into overkill though.
    LVL 17

    Expert Comment

    Start --> Run --> cmd

    then type following command.

    net share c$ delete

    BR Dushan
    LVL 17

    Expert Comment

    Dushan - That only removes the share for the duration of the session. Once you reboot, that share would come back again, hence why the registry has to be edited.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    NetScaler load balancer for Linux containers

    Get all the features you need to load balance your containerized microservices applications from NetSCaler CPX Express. Integrated with Google Kubernetes, Docker Swarm, and Apache Mesos container management systems.  Supported by Citrix. Free trial version. Deploy in minutes.

    Suggested Solutions

    Overview This article describes how to silently install Adobe Reader on multiple workstations, customize the installation options (accept EULA, remove desktop shortcut etc) using the Adobe Customization Wizard and install Adobe Reader font packs an…
    Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now