Why are there so many files in C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys

I am running out of disk space on C:-drive. We see many (millions of) files in C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys

What are these files ?

Why are so many files created? How can we prevent this from happening? Can these files be deleted?


Solution 1:

I have found the answer by some analysis and testing. The problem is caused by SSL checking performed by ESET antivirus software.

Disable SSL scanning in ESET and these files will stop appearing in great quantities.

ESET SSL scanning is also connected to MITM attack warning in Chrome (also see links posted in given Q/A and comments).

Solution 2:

The files are related to SSL certificates issued through the Windows webserver, IIS.

A solution to delete these files is suggested here:

OK so I have found a way to clear down the folder: forfiles /d -90 /C "cmd /c del @file /F /A:AS"

This looks for files older than 90 days and runs cmd - the del command with force option and files with attributes A and S (archive & system). I dont know why it wasn't working without the /A:AS on the end, maybe because they are system files.

Forfiles is a utility to perform batch operations on multiple files.

CAUTION: before you proceed to remove the files, make sure they are not crucial to any production-critical web sites !