Study General virus


Study General virus – an unsafe Mac application that can steal personal information and display intrusive ads without permission

Study General
Study General virus is a macOS infection that shows intrusive ads and harvests sensitive user information via web browsers

Study General, otherwise known as StudyGeneral, is a potentially unwanted application designed for macOS or Mac OS X platforms. Mostly distributed via fake Flash Player installers or freeware bundles,[1] the Study General virus belongs to the well-known AdLoad campaign – an interconnected network of malicious apps designed to utilize AppleScript for malicious purposes. As a result, users might find several suspicious applications on their Macs even though they never approved their installation.

Once installed, the StudyGeneral virus makes a variety of changes to the system in order to begin its operation. While the symptoms of the infection vary, users typically notice unknown browser extensions installed on Safari, Google Chrome, Mozilla Firefox, or another web browser. Another prominent change is a modified browser homepage, which is typically set to Safe Finder, Search Pulse, or a similar site. Once used, these search tools deliver sponsored ads on all visited sites, gather sensitive information via the browser, and prevent users from removing Study General altogether.

Name: Study General
Also known as: StudyGeneral virus
Type: Mac virus, adware
Related: Safe Finder, akamaihd.net, home.searchpulse.net, etc.
Infiltration: The app belongs to the infamous AdLoad virus family, members of which are typically delivered via fake Adobe Flash Player update prompts and software bundle packages downloaded from third-party websites
Symptoms: Unknown browser extensions and applications installed on the machine seemingly out of nowhere and difficulty with their termination, extensive ads on all visited websites, changes to new tab/homepage URLs, a slowdown of computer operation, etc.
Risks: Other malware/PUP installation, sensitive information disclosure to unknown parties/cybercriminals, financial losses, identity theft/fraud
Termination: You can eliminate malware by scanning the machine with security software such as SpyHunter 5 or Combo Cleaner
Optimization: For best results and system recovery to its original state, scan the machine with Reimage, Reimage Cleaner or Intego

While previously considered non-existent, adware and malware on Mac platforms are becoming an increasing threat to users. In fact, according to researchers’ findings, Mac malware was being delivered at a more rapid pace than Windows malware at the start of 2020.[2] Without a doubt, StudyGeneral is one of the threats that should not be ignored, as its distribution and operation techniques are closer to those of malware.

As previously mentioned, Study General adware is typically spread in two different ways:

  • Fake Flash Player updates encountered on random sites;
  • Software bundle packages downloaded from third parties.

While the latter can be considered somewhat legitimate, fake Flash Player updates have long been used to deliver all types of malware and are a propagation method that users should be well aware of when browsing the internet, as the Study General virus is just one of many threats distributed this way (the notorious Shlayer Trojan and Crescent Core come to mind).

Once inside the system, StudyGeneral places an extension in the browsers in use, and this extension cannot be removed in the regular way. With this and other browser changes, users are forced to browse the web via a fake search engine such as Safe Finder, which delivers sponsored search results.

Users infected with Study General will also frequently encounter redirects to suspicious or malicious sites, as well as ads in various forms: pop-ups, auto-play, in-text links, deals, banners, offers, and other commercial content will be present on all visited websites (even those that do not typically serve ads). With redirects, users can be exposed to more fake updates and other online scams, which increases the chance of being infected with more malware besides Study General.

Besides seeing intrusive ads, being redirected to suspicious sites, and being exposed to a variety of online dangers, users might also find additional apps installed on their system without permission. With the help of AppleScript, the StudyGeneral virus might also install its sister applications (SearchWebSvc, DataQuest, MainReady, and many others), as well as other malware in the background.

Study General virus
Study General is a potentially unwanted application that is usually spread via fake Flash updates or software bundles

Another reason to remove the Study General virus as soon as possible is its information tracking practices. Upon installation, the web browser extension grants itself elevated permissions that no third-party software (with a few exceptions) should be able to get:

StudyGeneral 1.0

Permissions for “StudyGeneral”:

Webpage contents
Can read sensitive information from webpages, including passwords, phone numbers, and credit cards on all webpages

Browsing history
Can see when you visit all webpages

Evidently, such permissions should never be granted to an app that is considered borderline malware (most security tools would detect it as a potentially unwanted program). If abused, this harvested information can be used for malicious purposes or sold on underground hacking forums for profit. As a result, users infected with the Study General virus might suffer from monetary losses or even identity theft.

Most worrying is the fact that, because the StudyGeneral infiltration is stealthy, users will not be aware that such permissions have been granted in the first place unless they check the installed software list. Thus, it is always important to monitor your Mac system or at least scan it with anti-malware software regularly.

To eliminate StudyGeneral and all its components, you will have to locate them in particular parts of the system or perform a full system scan with anti-malware software such as SpyHunter 5 or Combo Cleaner. For best results, we also recommend using Reimage, Reimage Cleaner or Intego to ensure that the computer is running just as well as it previously did.

Don’t give in to the fake update notifications encountered on the web

While macOS is considered a much safer operating system thanks to built-in tools like Gatekeeper and XProtect, it is not immune to infections. In most cases, however, users unknowingly allow the infection to occur, whether due to negligence or lack of awareness. As a result, thousands of users get infected with Mac malware daily, although there are several methods to diminish that probability.

As mentioned previously, there are two main methods by which Mac malware and adware are distributed – fake updates and software bundles. Both use deception, so security experts from novirus.uk[3] have the following tips to share:

  • 99% of the Adobe Flash update prompts are fake, as the technology was replaced by HTML 5 several years ago and is no longer used by most websites;
  • If you are still inclined to use Flash, go to the official Adobe website and download the plugin and its updates from there;
  • If downloading applications, opt for official sources, such as App Store, Amazon, etc.;
  • If you choose third parties as a source for your apps, never rush the installation process and read the instructions carefully;
  • When prompted, choose Advanced/Custom settings instead of Recommended/Quick ones;
  • Watch out for pre-ticked boxes, fine print text, misleading deals and other tricks used by third-party sites and freeware authors;
  • Employ anti-malware software with a PUP detection feature.

Study General virus termination instructions

Study General virus removal can sometimes be complicated, as the infection might stop users from getting rid of the app in the regular way (users reported that the extension uninstall button and the pre-set homepage are both grayed out). To bypass this, users need to locate and remove Study General related files, which can be found in the following locations on macOS:

~/Library/LaunchAgents
~/Library/Application Support
~/Library/LaunchDaemons

After that, you can remove the StudyGeneral extension from the web browsers and get rid of the associated app by moving it to the Trash. However, if you do not wish to tamper with files or you are a less experienced computer user, you can simply employ a reputable anti-malware tool and perform a full system scan with it.

Regardless of which StudyGeneral virus termination method you choose, it is advisable to reset all the installed browsers to get rid of the Safe Finder or other unwanted components that hide within the settings.
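For the manual route described above, the following added example (not part of the original article) lists, without deleting anything, the entries in those folders whose file name, launchd Label or launched command mentions Study General or the sister apps named earlier. The two system-wide /Library folders and the simple substring matching are assumptions of this example; it requires Python 3.

```python
import plistlib
from pathlib import Path

# Names taken from the article: Study General and the sister apps it lists.
KNOWN_NAMES = ("studygeneral", "searchwebsvc", "dataquest", "mainready")

# Folders from the article, plus system-wide launchd folders (added assumption).
DEFAULT_DIRS = [
    "~/Library/LaunchAgents",
    "~/Library/Application Support",
    "~/Library/LaunchDaemons",
    "/Library/LaunchAgents",
    "/Library/LaunchDaemons",
]


def launch_target(plist_path):
    """Return (label, command) from a launchd plist, or ("", "") if unreadable."""
    try:
        with open(plist_path, "rb") as fh:
            data = plistlib.load(fh)  # handles both XML and binary plists
    except Exception:
        return "", ""
    if not isinstance(data, dict):
        return "", ""
    args = data.get("ProgramArguments") or [data.get("Program", "")]
    return str(data.get("Label", "")), " ".join(str(a) for a in args)


def find_suspects(dirs=DEFAULT_DIRS, names=KNOWN_NAMES):
    """Read-only scan: entries whose name, Label or command mentions a known name."""
    hits = []
    for d in dirs:
        root = Path(d).expanduser()
        if not root.is_dir():
            continue
        for entry in sorted(root.iterdir()):
            label, command = "", ""
            if entry.suffix == ".plist" and entry.is_file():
                label, command = launch_target(entry)
            text = "\n".join([entry.name, label, command])
            if any(n in text.lower().replace(" ", "") for n in names):
                hits.append({"path": str(entry), "label": label, "command": command})
    return hits


if __name__ == "__main__":
    for hit in find_suspects():
        print(hit["path"], "| label:", hit["label"], "| runs:", hit["command"])
```

Review each reported path before removing it; the "runs" column shows the executable a launch item starts, which is usually the second file that has to go.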


This entry was posted on 2020-04-20 at 06:23 and is filed under Mac Viruses, Viruses.