![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 69%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERK%3C/text%3E%3C/svg%3E)
All very normal and portions of these are required for the proper operation of Windows, so best left alone by unknowledgeable consumers rooting around on their systems in places they don't understand,
Here's a relatively readable technical document that discusses these, but as the following paragraph from the end of that section states, I'd just leave these alone (I have them too and I've had 45+ years as a computing and security professional), since by themselves they won't allow anyone access, whether remote or not, and messing with them will likely just break things. As long as you don't manually open the public share on your device along with changing the firewall setting to Private (yes, Private is more dangerous than Public, which closes all inbound ports for use on Public Wi-Fi or similar risky networks), then the fact these shares exist doesn't matter, since they're not exposed by default.
"Generally, we recommend that you don't modify these special shared resources. However, if you want to remove the special shared resources and prevent them from being created automatically, you can do it by editing the registry."
Remove administrative shares - Windows Server | Microsoft Learn
As for the folders where you don't have access by default, those are actually quite common with newer versions of Windows and are set that way to keep those using a system from doing damage to the folders and files they contain, since the only folders the user himself usually needs to access are the special 'Libraries' such as Documents, Pictures, Videos, etc. that contain personal files.
The reason these folders are secured is that if malware were to actually get into a system via a user download for example, the default security settings for both the user and these folders stops (or at least slows) the ability for the malware to modify their critical contents, giving the installed anti-malware app such as Microsoft Defender time to hopefully recognize the attack and attempt to stop it before it does any true damage.
As with all consumers with no technical knowledge, you're tromping around in your system in places you don't know, thinking about doing things you shouldn't. Don't. Just stop and leave the technical details to Windows itself, it's far more capable on its own than all but the most technically knowledgeable and talented techs, let alone the average consumer.
Rob