Were you infected by We provide detailed removal instructions for all versions of Windows.


Smartinf.Ru is a virus that should be removed immediately from your system – it is extremely dangerous and can cause much harm if left unattended. Since you are visiting this removal guide, you have already identified exactly which virus has infected you. Deleting it before it can cause harm is mandatory for the well-being of your PC. While you can just skip to the instructions below, we suggest you take a quick look at the rest of the article, because it can be instrumental in helping you avoid things like in the future.

WARNING! EXTREMELY IMPORTANT! You should know that browser hijackers will try to trick you – but there is just one reason for them to do so. Whether it is to apply fake updates, scan, renew database, or whatever else the creators of think of, it will want access from you. Do not give access to any programs that prompt you to do so, even if they look legitimate or like Windows itself. If you fail to heed this warning, you can end up with more browser hijackers, adware, or in the worst case scenario, even ransomware. Ransomware are the boogeymen of security experts – these are malicious programs that gather your personal files (including documents, movies, song, books, etc) and encrypt them – which is to say lock them up so you can’t access them. Then ransomware will try to extort money out of you by making you pay for the decryption key necessary to release the files. And you need to do all of that in a window if time the infection gives you – usually between 24 and 48 hours. If you can’t cough up some green until then, the key is destroyed, making your files unusable unless you find a way to crack the encryption code…. which may happen a few months later.

Doesn’t sound pleasant, right? Remove before it gets to that critical point.

Let’s take a look at (and browser hijackers in general)

The word browser hijacker is a fusion between ad (short of advertisement) and malware (a hostile&intrusive program). You are already familiar with how a browser hijacker (in the face of operates – it generates ads. Closing every pop-up can be a real pain in the ass, but even more substantial danger may come if you interact with those ads and download something.

REMEMBER! All products offered by the ads are fake. In fact each and every ad you decide to explore can lead to either of these things:

  • Waste your time as the hyperlinks don’t really lead to the product advertised.
  • Rob you of money as they are no actual products sold and everything is a scam.
  • Implant more viruses in your computer if you download and install anything.

Close all pop-ups and ignore all ads and the virus is harmless. However, it is important to know that you may be seeing a couple of other messages that may not look exactly like ads. Several examples:

  1. Pop-up with error message that want you to install a missing plug-in.
  2. A media player that wants a specific video player before it will show video.
  3. A warning about an outdated important program like Flash or Java and offer to install the update.
  4. “Free” software for download. Anti-virus scanners are very commonly used as bait for this scam.

Make no mistake – each every one of these things is a virus. In fact you are looking at some of the most popular tricks to spread viruses like You may see similar messages on many different sites around the web and they are a clear indication when a site is not safe.

IMPORTANT! If you are thinking you may actually have to update or program or are genially interested in one of the offered things (after all, they do use legitimate programs as decoys) do the following. Google the name of the program you want and download it from the official site. That way you are 100% certain its virus free.

One more trick most people are unaware of

That trick is the so-called program bundles. It is customary for developers to add additional programs and utilities to the installer of their product. This is done for promotional purposes for other products from the save dev or for his partners.

Unfortunately, especially with free programs, this extra things may be browser hijacker. For this reason never do a default installation, but an Advanced one and un-click all unwanted extras.

Also, you should be aware that the moment got in, it started tracking your browsing behavior, asking to online surveys, except it’s not asking but outright recording. It also gathers any account names and passwords you visit and type in, and has the capability to read cookies. The information is stored on your PC and sent to whoever created about a week after the infection is first encountered. This could lead to disasters if you these people get a hold of PayPal accounts or any other that use active online payment methods. We recommend a full password change to any accounts exposed to sensitive information.

How to Remove

Things readers are interested in:


Our first step here is a reboot in Windows Safe Mode. If you already know how to do it, just skip this and proceed to Step 2. If you do not know how to do it, continue reading:

For Windows 98, XP, Millenium and 7 Users:

Restart your computer. To be sure you don’t miss the window of time when you need to press it, just spam F8 as soon as the PC starts booting. In the new menu, choose Safe Mode With Networking.


Proceed to Step 2.

For Windows 8 and Windows 8.1 Users:

 Press the Windows Key and R at the same time. Select the Boot tab in the new window that appears.


Then check the Safe Boot option and click OK.  Click  Restart in the new pop-up.


Proceed to Step 2.

For OS X Users:

When you Mac is turned off, press the Power Button. After you hear the Startup Sound, immediately press and hold the Shift key until the Apple logo appears.

Proceed to Step 2.

STEP 2: has infected ALL of your browsers. Apply the steps separately for each one.

Remove  For Internet Explorer Users:

Open IE, then click  Remove —–> Manage Add-ons.


Find . Disable it.

If your Home Page is different from the usual, click Remove —–> Internet Options>edit the URL box with your preferred search engine, and click Apply.

Remove  For Mozilla Firefox Users:

Open Firefoxclick on Remove (top right) ——-> Add-ons.


Hit Extensions next.

Remove  should be somewhere around here –  Remove it.

Remove For Google Chrome Users

 Start Chrome, click Remove —–>More Tools —–> Extensions.



In  Extensions,  find the virus and  select  Remove


 Click Remove   again, and proceed to Settings —> Search (the fourth tab), select Manage Search Engines.  Remove anything but the search engines you normally use.


Remove For Safari Users:

Open Safari, and click Safari —–>Preferences —–> Extensions—–>Uninstall the malware.


(Works for Windows XP, Windows 7, Windows 8, Windows 8.1)

Hold Remove Smartinf.ruand R together. Write appwiz.cpl  in the new field, then click OK.


You are now in the Control Panel. Search around for and anything else suspicious-looking.   Uninstall  it/them. Also, be extremely careful. Viruses often spend one last ditch effort to trick you into installing more of their kind. If you see a screen like this when you click Uninstallchoose NO:



This is perhaps the most important and difficult step, so be extremely careful. Open the Task Manager by right clicking on the Taskbar and choosing Start Task Manager.


Once it opens, choose the Processes Tab. Look at all of the processes in front of you and try to determine which ones are a virus. Google them or ask us in the comments and we will provide the best assistance we can. If the virus returns later on after you supposedly removed it, the reason is that you missed something here.


Right click on each of the virus processes separately and select Open File Location. Also, End the process after you open the folder. Just to make sure we don’t delete any programs you mistakenly took for a virus, copy the folders somewhere, then delete the directories you were sent to.

STEP 5: 

You should do the following for ALL browsers you have installed. Browser hijackers infect everything while in your system. You need to manually get rid of it from each shortcut. You should do the following:

Right click on the browser’s shortcut, then click Properties.

Alternatively, if you have your browser pinned down to the taskbar, you Right click it, then Right Click again on the Small Browser Icon —–> Properties

NOTE: Below, we are showing Google Chrome, but the method is the same for all browsers.


Once you’ve reached Properties —–> Shortcut (on the band at the top), then in the Target type field, you should REMOVE EVERYTHING AFTER .exe”



Now click on the Menu icon on top, and go to Settings. In Settings, find the Search section (the fourth one from top), then click Manage Search Engines. In there you should remove any search sites you do not use.



We’ve had reports that this virus can come back after you uninstall it. This usually takes place on system boot. If this happens, do the following:

Type Regedit in the windows search field and press Enter.

Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. Alternatively, if you can’t find any this way, look in these directories, and delete the registries manually:

  • HKEY_CURRENT_USER—-Software—–Random numbers
    HKEY_CURRENT_USER—-Software—Microsoft—Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft— Internet Explorer—-Main—- Random


STEP 7 – Optimization

And that’s it. Well done for removing We’ve prepared a short and sweet optimization guide, specifically designed for users who just removed a virus. It is completely free, you do not need to download anything, and it’s not very time consuming. If you are interested, you can check it out here.




About the author


Nathan Bookshire

Leave a Comment