How to remove windowsclick.com redirect [UACd.sys trojan]

Redirect to windowsclick.com site is a result of UACd.sys trojan activity. The trojan horse may represent security risk for the infected computer and uses rootkit-specific techniques designed to hide the software presence in the system.

Once infected, UACd.sys trojan blocks user access to security websites, search results in Google, Yahoo, MSN and other redirect you to windowsclick.com and other non related sites.

Use the following instructions to remove UACd.sys trojan.

Step 1: Disable UACd.sys trojan driver.

• Right click the My computer icon. If you are using the non classic Start menu, then right click My computer icon on your Start button menu.
• Click Properties.
• Click Hardware Tab.
• Click Device Manager.
• In the top menu, click View and click Show Hidden Drivers.
• Scroll down to non Plug and Play drivers.
• Click + at left.
• In the list of drivers right click UACd.sys.
• Click Disable.
• Click YES for confirm.
• Close all windows and reboot your computer.

Step 2: Delete UACd.sys trojan driver and malware files.

• Download Avenger from here and unzip to your desktop.
• Run Avenger, copy,then paste the following text in Input script Box:
  

  Drivers to delete:
  UACd.sys

  Files to delete:
  C:\WINDOWS\system32\wJQs.exe

  Then click on ‘Execute’.

• You will be asked Are you sure you want to execute the current script?. Click Yes.
• You will now be asked First step completed — The Avenger has been successfully set up to run on next boot. Reboot now?. Click Yes.
• Your PC will now be rebooted.

Step 3: Remove UACd.sys trojan files and any associated malware.

• Download Malwarebytes Anti-Malware (MBAM). The program designed to quickly detect, destroy and prevent malware, spyware, trojans.
• Once downloaded, close all programs and Windows on your computer (including this one).
• Double-click on the icon named mbam-setup.exe to install the application.
• When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select “Perform Quick Scan”, then click Scan.
• MBAM will now start scanning your computer for malware. This process may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• MBAM will now delete all of the files and registry keys and add them to the quarantine.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

UACd.sys trojan creates the following files.

%System%\uacinit.dll
%System%\drivers\UAC[RANDOM CHARACTERS].sys
%System%\UAC[RANDOM CHARACTERS].dll
%System%\UAC[RANDOM CHARACTERS].log
%System%\UAC[RANDOM CHARACTERS].dat
%Temp%\tmp[RANDOM NUMBERS].tmp

If you need help with the instructions, then post your questions in our Spyware Removal forum.