# A questionable amount of files in MachineKeys folder



## Phantowm (Jul 26, 2014)

Greetings fellow Tech Support members!

I'm wondering how I can delete the files created from my old "Antivirus" in C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys folder.
From further reading I understand that some of these are used by Microsoft and other pieces of software.
However I am certain that at least 80% of them have been generated by ESET's SSL scanning feature.


Is there an efficient way to remove the false system files from my PC?




















There is one command I found:
*forfiles /d -90 /C "cmd /c del * /F /A:AS"*

But I think it is pretty risky to execute.

Source: hard drive - Why are there so many files in C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys - Super User


Cheers!


----------



## Masterchiefxx17 (Feb 27, 2010)

Are you still infected? Before processing work we want to make sure you are all clean of viruses.


----------



## spunk.funk (May 13, 2010)

The MachineKeys folder stores certificate pair keys for both the computer and users. Both Certificate services and Internet Explorer use this folder.

Here are a few methods which you can follow to resolve the issue:

*Method 1:*
Microsoft Safety Scanner
Microsoft Safety Scanner - Free Virus Scan with the Microsoft Safety Scanner
Note: Any data files that are infected may only be cleaned by deleting the file entirely, which means there is a potential for data loss.

*Method 2:*
Delete files using Disk Cleanup
Delete files using Disk Cleanup - Windows Help
Note: It removes temporary files, empties the Recycle Bin, and removes a variety of system files and other items that you no longer need.


----------



## Phantowm (Jul 26, 2014)

Masterchiefxx17 said:


> Are you still infected? Those look like Ransomware files that have been encrypted. Nothing will be able to revert that.


I don't really consider myself infected. The fact that I just have so many useless files is just plain bothering me.
ESET has encrypted them. I found out I have constant disk usage caused by this. Of course after removing the product, I can no longer see my hard drive freaking out.



spunk.funk said:


> The MachineKeys folder stores certificate pair keys for both the computer and users. Both Certificate services and Internet Explorer use this folder.
> 
> Here are a few methods which you can follow to resolve the issue:
> 
> ...


Thanks for the input. However Disk Cleanup only found a couple of files used by Windows Defender. Apparently the encrypted files cannot be accessed?

Also, just a small addition - Every time I let Malwarebytes scan my PC the process gets stuck at the very end of File System scan, when it starts to check all those files. It literally takes forever.


----------



## spunk.funk (May 13, 2010)

You can try Temp File Cleaner which is a better then Disk Cleanup.
_You_ may not think you are infected but since Eset put the files there, and Malwarebytes gets stuck scanning there, then there are files left over from a previous infection that are clogging your system, you still may have an infection.


----------



## Phantowm (Jul 26, 2014)

It has freed some space. No reboot was required.
However the MachineKeys folder has been left untouched.
I like this little program, though. I might use it again in the future.


----------

