Lenovo sold laptops with a pre-installed adware that can intercept secure connections [Ars].

Lenovo provides a long guide to fix the issue, instead I want to provide a short way.

UPDATE: Microsoft Defender recognizes the adware as a threat and should remove it.

I. Uninstall VisualDiscovery

Execute this program or type in a terminal the following:


Wait a bunch of seconds (no window will appear) and VisualDiscovery will be uninstalled.

II. Remove the certificate from Internet Explorer and Chrome

Execute this program with admin rights (right-click and “Run as administrator”), or type in a terminal the following:

certutil -delstore root d2fc1387a944dce7

III. Remove the certificate from Firefox

See the third step of this guide.

IV. Check you’re now safe

See the last step of this guide.