You may have read that a rogue Certificate eDellRoot has been installed on new Dell laptops and desktop computers. This certificate is installed by the Dell Foundation Services application and implemented as part of a support tool. What is important to note is that this certificate introduces a security vulnerability.
So if you have a new Dell computer, you may want to see if you have an eDellRoot certificate installed, and if so, remove it immediately.
This post will show you how to remove the rogue eDellRoot certificate from your Dell laptop or desktop computer, manually or using an automatic fix from Dell.
To check if you have it installed, go to Start > Type “certmgr.msc”> Accept the UAC prompt > Trusted Root Certification Authorities > Certificates. Check if there is an entry named “eDellRoot”. If you see it you may want to remove it.
eDellRoot certificate removal instructions
There are three methods to remove the certificates:
- Manual method
- Automatic method
- Windows Defender or Microsoft Security
Ensure you have an admin account to set this up.
1] Manual method
- Right-click on the Start Button to open the WinX Menu. Click on Run.
- In the Run box, type services.msc and hit Enter to open the Services Manager.
- Here look for Dell Foundation Services.
- Once you have located the Service, click on the Stop the service link.
- Now open File Explorer and navigate to C:\Program Files\Dell\Dell Foundation Services folder.
- Here, delete the Dell.Foundation.Agent.Plugins.eDell.dll file.
- Finally, type certmgr.msc in the Run box and hit Enter to open the Certificates Manager.
- Select eDellRoot. Once you have selected it, carefully click on the red X icon to delete the certificate.
- Restart your Windows computer. The eDellRoot certificate will be completely removed.
2] Automatic method
Dell has also released a fix that will automatically remove eDellRoot from your computer. You can download the automatic removal patch eDellRootCertFix.exe from Dell and use it.
3] Windows Defender or Microsoft Security
Windows Defender has now been updated to remove eDellRoot and DSDTestProvider certificates. So make sure that your Windows Defender has been updated with the latest definitions and run its full scan. I am sure that the other antivirus software companies, too, will soon remove this threat.
Some of you may want to try this free Root Certificate Scanner to scan Windows Root Certificates for untrusted ones.