In response to Google and Mozilla's decision to ban CNNIC issues certificate, I tried to go to CNNIC website with HTTPS to get a sample of the cert to revoke.
After go there I opened MMC and added Certificates snap-in for my account and the computer account, and found the "CNNIC Root" automatically added to "Trusted Root CA" folder of my current user. I removed the cert and reload the page, and found that the cert appears in my "Trusted Root CA" folder again. Is there some kind of magic here, or is it some kind of vulunerability happening? (It would be a problem if I visit some random website and found they can add their self-signed cert as root cert to my "Trusted Root CA" folder)
Anyway, after I moved the cert to my "Untrusted Certificates" folder of local machine, the "CNNIC Root" cert no longer come back.