How To: Remove Windows Easy Supervisor Virus / Malware ( Removal Guide )

by Mihai on July 10, 2011


Windows Easy Supervisor is one of the many rogue programs that act as an anti-spyware program in order to scare the user into thinking his/her computer has been compromised.

Being part of the Fake Microsoft Security Essentials, Windows Easy Supervisor will first start displaying alert messages suggesting that your computer is infected with an Unknown Win32/Trojan, after which you will be prompted to scan your computer. The scan, however, is a fake, and it will state that one of your files has been infected with Trojan.Horse.Win32.PAV.64.a. You will next be (mis)informed that the only way to get rid of this infection is to download and install Windows Easy Supervisor. Pressing the OK button will automatically download and install Windows Easy Supervisor on your machine, after which your computer will reboot.

After the reboot you will not be able to access your regular desktop screen. Instead, you will be presented with a Windows Easy Supervisor window, prompting you for another scan. Note that you will not be able to close this Windows Easy Supervisor main window and return to your regular desktop screen unless you perform this fake scan.

After the fake scan is completed, you will be informed that multiple threats have been found on your computer and that the only way to get rid of these infections is by purchasing the so-called “full version” of Windows Easy Supervisor. Do not let yourself be scared into believing this, as it is just another fake statement meant to make you give away your money and credit card information.

Windows Easy Supervisor Removal Guide

Before you start with the disinfection process, you will need to download RKill, Shell.reg and Malwarebytes’ Anti-Malware (MBAM).
Note that you might not be able to download these files directly on the infected machine, because Windows Easy Supervisor might not let you access the internet. If this is the case, your only option is to download these files on a clean computer and then transfer them to the infected machine via CD/DVD, USB flash drive or any other means.

  • Before you get rid of the infection you need to get rid of any processes related to the infection. In order to do so you will need to run RKill and let it scan your computer. Take your time as this might be a rather long process. Ignore any messages suggesting that RKill is a threat, as these messages are nothing more than attempts by Windows Easy Supervisor to keep you from taking any measure against it. In case you are still experiencing problems when trying to use RKill, you need to download a renamed version like iExplore.exe and use that one instead. Do not reboot your computer after this step.
  • Windows Easy Supervisor is a bit trickier than meets the eye. If you remove it before you restore your Windows Registry Shell value, you will not be able to access your desktop screen by any means. That’s why you will need to run Shell.reg and let it merge the data, in order to prevent this from happening.
  • After running Shell.reg, start the MBAM installation process. Make sure that both the Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware options are checked. After MBAM finishes installing on your system, perform a reboot if you are prompted to do so.
  • At startup, MBAM should automatically update itself, after which you will need to press OK on the message box. Once pressed, you will be presented with MBAM’s main screen. Go to the Scanner Tab, check the Perform Full Scan radio button and then click on the Scan button below.
  • After the scanning is complete, MBAM will display the full list of threats found on your computer. Make sure every one of these threats is checked and then press the Remove Selected button. After MBAM finishes cleaning your computer you might be prompted for a reboot. If so, please restart your computer.
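
The Shell.reg step above exists because the registry Shell value decides which program is started as your desktop. As an added example (not part of the original guide, and not the contents of Shell.reg, which are not shown here), the read-only PowerShell check below assumes the value in question is the standard Winlogon Shell value, whose default is explorer.exe, and reports whether it points anywhere else. The function name Test-WinlogonShell is made up for illustration.

```powershell
# Added example: read-only check of the Winlogon "Shell" value.
# Assumption: this is the "Windows Registry Shell value" the guide refers to.
# Nothing is written to the registry; the script only reports what it finds.

$expected = 'explorer.exe'   # Windows default shell
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon',   # machine-wide
    'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'    # per-user override
)

function Test-WinlogonShell {
    param([string[]]$KeyPath, [string]$Expected)

    foreach ($key in $KeyPath) {
        # Returns nothing (error suppressed) when the key or the value is absent.
        $item = Get-ItemProperty -Path $key -Name Shell -ErrorAction SilentlyContinue

        if ($null -eq $item) {
            # A per-user Shell value is normally absent; a missing
            # machine-wide value is unusual and worth a second look.
            $status = if ($key -like 'HKCU:*') { 'OK (no per-user override)' }
                      else { 'REVIEW (machine-wide value missing)' }
            [pscustomobject]@{ Key = $key; Shell = '<not set>'; Status = $status }
            continue
        }

        $value = ([string]$item.Shell).Trim()
        # Anything other than the plain default means another program is
        # launched in place of (or alongside) the desktop at logon.
        $status = if ($value -ieq $Expected) { 'OK' } else { 'SUSPICIOUS' }
        [pscustomobject]@{ Key = $key; Shell = $value; Status = $status }
    }
}

Test-WinlogonShell -KeyPath $keys -Expected $expected | Format-List
```

Run it after merging Shell.reg and before removing the rogue with MBAM; every entry should report OK before you continue.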

If you have followed these steps accordingly you should now be rid of Windows Easy Supervisor. However, considering the fact that your system got infected in the first place, it is highly recommended that you follow this Secunia PSI guide in order to determine whether you have vulnerabilities on your computer.
