back to top
iGBHow-toHow to remove Search Marquis from Mac (2024)

How to remove Search Marquis from Mac (2024)

Measure to be taken to block Search Marquis from entering Mac:

  • Always install apps from known or credible websites sites and applications.  
  • Only install extensions from the Chrome web store or trusted sources.
  • Search Marquis is a virus that affects the browser on your Mac

It was a normal day when you opened your browser on Mac to surf the internet but noticed something unusual. Your browser is redirecting you to other search engines or web pages. Since you are pretty sure you haven’t made any changes or someone else, then the culprit will be the Search Marquis virus, also known as Search Baron!

So, what is the Search Marquis search engine virus, and how can you eliminate this browser search hijacker from your Mac? No worries, as I will provide information about this search Baron malware and guide you on removing Search Marquis from your Mac.

What is Search Marquis?

Search Marquis is a browser hijacker pretending to be a useful browser extension that targets Safari, Google Chrome, and other web browsers on Macs.

Once installed, this tool hijacks your browser and modifies your browser settings and preferences without your permission. It changes your search engine and homepage into Search Marquis.

While it appears like a legit search engine, it isn’t an actual search engine. The main goal of this malicious software is to redirect users to several unwanted websites and generate income for its developers through online advertising.

Although Macs are generally less susceptible to malware and viruses, it is always good to know the most common Mac viruses and how to remove them. Search Marquis disguises itself as a useful browser extension to get access to your Mac and then changes the default search engine on Safari or other popular web browsers on Macs.

Apart from changing search engines, Search Marquis can also change the default start page browser preferences and settings or, even worse, send your user data to those unknown virus creators.

How do I know if my browser is affected by Search Marquis?

You’ll first notice that your web browser’s default engine, homepage, and new tab page have been replaced with Search Marquis, and all the search queries are redirected to

If you try to change the browser settings back to how they used to be, it will soon revert to the way the virus wants it to be, making you realize that no matter what you do, it’s impossible to change browser settings. That’s your cue to eliminate Search Marquis on Safari or any other browsers on your Mac.

Users are mostly redirected to when the Search Marquis virus affects their Mac. But before reaching Bing, the virus will first lead users through some sketchy sites, mainly:


It also installs sketchy add-ons and shows you a lot of suspicious pop-up ads, in-text links, and banners. Search Maquis overloads your Mac’s CPU, reduces its system performance, and freezes your browser, giving you a poor browsing experience.

Moreover, Search Marquis overloads your Mac’s CPU, reduces system performance, and freezes your browser, resulting in a poor browsing experience. And even worst part??? It may collect cookies and other personal data from your computer to ad affiliate networks.

Reasons why Mac gets affected by Search Marquis

Search Marquis primarily enters your Mac through a software packaging scheme called bundling. It comes with extensions or software that you may download from malicious or unknown sites. Ad affiliate networks bury the details about the bundled software in the accompanying terms and conditions. In turn, users unknowingly consent to the download and allow the affiliate networks to operate legally.

The best way to prevent this is by visiting trusted websites and paying attention to terms and conditions before installing anything on your device.

How to get rid of Search Marquis virus from Safari on Mac

The next step in removing Search Marquis on Mac’s Safari is to uninstall all those suspicious and unused extensions.

To ensure the virus doesn’t attack Safari again, follow the steps below.

Fix website redirection settings

Apart from changing the default search engine on Safari, you also need to change the default homepage from what was set by the Search Marquis virus.

  1. Launch Safari on Mac.
  2. Click Safari option from the menu bar.
  3. Choose Settings.
    For macOS Monterey or earlier, it is Preferences.
  4. Select the General tab.
  5. If the Homepage field contains a different webpage, change it to the one you want.

    Click General, change Homepage field on Mac

In some cases, a bug may grey out the homepage field. When that happens:

  1. Open Safari → Preferences → General.
  2. Enter your desired homepage in the Homepage field, but don’t press the Return key. Instead, click any other tabs like Autofill or Tabs. Doing so will cause a prompt to show up, asking to confirm the change.

If doing all the above didn’t help, try this:

  1. Quit Safari.
  2. Open Finder → Go → Go to Folder.
  3. Enter this in the Go Folder search field and hit return: ~/Library/Preferences/
  4. If there’s a match, delete the file → reopen Safari.

    Delete Safari Plist file on Mac

Reset Safari on Mac

Now, while this is optional, it is still a good option to completely clean all the data of Safari and have a fresh start. Here’s what you need to do:

  1. Open Safari.
  2. Choose History from the menu bar.
  3. Here, choose Clear History from the bottom.

    Click Clear History under Safari Menu
  4. From the drop-down menu to Clear, select All history.
  5. Choose Clear History.

    Reset Safari on Mac by Clear History

Your browsing data will be cleared instantly. Once done, Force Quit the app and reopen it to see if Safari browser is redirecting to Bing or any other search engine apart from the one you have set.

How to remove Search Marquis virus from Chrome on Mac

Apart from that, many users also use Chrome as their default browser, and here are the things you need to do to stop Search Marquis from Mac on Chrome.

Remove suspicious extensions

  1. Open Chrome.
  2. Click the Extensions icon near your profile.
  3. Choose Manage Extensions.
    Alrernatively, paste chrome://extensions/ in the searchbar and hit return.

    Click Manage Extensions in Chrome
  4. Look through suspicious extensions or the ones you don’t want to use.
    Note: Most Adobe Flash extensions are frequently hacked.
  5. Click Remove.

    Click Remove to Delete Chrome Extension
  6. Confirm by clicking Remove again.
    You can also report the extension if wanted.

Fix website redirection settings

  1. Open Chrome.
  2. Choose Chrome from the menu bar → select Settings.
  3. Next, select Search engine.
  4. From the drop-down menu, choose the search engine of your choice.

    Select search engine on Chrome

If you are unable to find one of your choices:

  1. Go to Chrome on the menu bar → Settings.
  2. Select Search engine.
  3. Hit Manage search engines and site search.
  4. Select Add next to Site Search.
  5. Add the search engine URL, shortcut, and name on the respective fields.
  6. Click Add.
  7. Now find the search engine under Site Search.
  8. Hit the three dots next to it → select Default.

Reset Chrome on Mac

  1. Open Chrome.
  2. Select History from the menu bar.
  3. Click Show Full History.
  4. Select Clear browsing data.
  5. Select the time range (here, we are selecting All time).
  6. Tick Browsing historyCookies and other site data, and Cached images and files.
  7. Hit Clear data.

    Clear Data in Chrome

Apart from that, you can completely reset Chrome from:

  1. Select Chrome from the menu bar → Settings → Choose Reset settings.
  2. Next, choose Restore settings to their original defaults.
  3. Choose Reset Settings to confirm changes.

How to remove Search Marquis from Finder

Now that we know about Search Marquis or how it gets into your Mac, let us now look at how to get rid of Search Marquis on your Mac. 

Trash malicious apps

You need to first find the malicious files and apps on your Mac that Search Marquis may hide. To do this, you need to open Activity Monitor.

  1. Open Finder
  2. Click Go on the menu bar.
  3. Select Utilities.
  4. Open Activity Monitor.
    Alternatively, you can also use Launchpad to open Activity Monitor. You can also use the Spotlight search on Mac to dig up the application.
  5. Once opened, look for suspicious or unfamiliar resource-intensive activities in the CPUMemory, and Battery tabs. Usually, these kinds of apps hide under an unthreatening name, so If you feel something seems questionable, simply search about it.
  6. Once you find a suspicious app, select the suspicious app.
  7. Click the (x) button on top.

    Select browser and click x
  8. Choose Force Quit from the pop-up.

    Click Quite to Confirm

Note: You have to be careful when deleting files or processes. Deleting the wrong file may damage your system.

You can also stop apps from starting on the startup to prevent them from meddling with the browser settings or completely uninstall them.

Remove unwanted files

Apart from uninstalling all the suspicious apps, you need to ensure deleting all the files of the respective apps. Not only will this help you block Search Marquis from Safari or any other browsers on your Mac, but it will also help you free up space on your Mac.

  1. Open Finder.
  2. Hit Go option from the menu bar → select Go to Folder.
  3. Next, copy-paste these commands in the search dialog box one at a time → press return:
    • /Library/LaunchAgents: LaunchAgents are files and programs that run in the background once you log in with a user ID. Once you reach this folder, Examine the contents for anything sketchy, especially something recently added. Also, make sure to check on ~/Library/LaunchAgents.
      These are the common files you need to be aware of: com.avickUpd.plist, com.updater.mcy.plist, com.pcv.hlpramc.plist, and com.msp.agent.plist.
    • ~/Library/Application Support: The Application Support folder is the place where apps store the files to operate. Here, check for recently generated suspicious folders, specifically the ones unrelated to Apple apps and products you don’t remember installing. Some commonly known malicious folder names including: IdeaShared, ProgressSite, and UtilityParze.
    • /Library/LaunchDaemons: Launch Daemons is an internal service for running macOS. Sometimes, the Mac search virus files can be found in this directory, and hence you need to also check out files here. Some examples: com.ExpertModuleSearchDaemon.plist, com.applauncher.plist, and com.startup.plist.
  4. If you find malicious files, right click them → Move to bin.

    Below are some other known malicious files to look out for a while you are removing Search Baron and search marquis from Mac:
  • com.Search Marquis
  • com.Search Marquis.plist
  • com.adobe.fpsaud.plist
  • com.AdditionalChannelSearchDaemon
  • installmac.AppRemoval.plist
  • mykotlerino.ltvbit.plist

Note: Sometimes, Search Marquis files will stay hidden, so you might have to unhide these files and folders to find and delete those uninvited guests. Remember, it is hard to distinguish what is important and what is not. Hence, before deleting them, do a quick search on the internet and then decide.

Check and remove suspicious login items

In business and company settings, IT admins use profiles to control the behavior of their employees’ devices. These profiles may restrict specific actions and configure their Macs to do different things.

Similarly, browser hijackers and adware may use configuration profiles to prevent users from removing malicious programs from their devices, including changing their browser settings. Some examples of profile configurations include: TechSignalSearchAdminPrefsChrome Settings, and MainSearchPlatform. To remove login items, do the following:

On macOS Ventura or later:

  1. Open System Settings.
  2. Choose General.
  3. Select Login Items.

    Click Login Items in Mac Settings
  4. Under the Open at Login section, If anything is suspicious, select it and click minus (-) button.

    Click Minus icon to delete Chrome
  5. Also, make sure to toggle off any suspicious apps.

    Turn ON toggle next to app

On macOS Monterey or earlier:
@padmasuraj refer old article for images

  1. Go to System Preferences → Users & Groups.
  2. If you see a Profiles icon, click it.
  3. Check for any suspicious apps → hit the minus (-) button.
  4. Choose Remove.

Apart from that, you need to check and delete any unknown profiles on your Mac as Search Marquis virus might create a custom profile to restrict specific actions to prevent users from removing Search marquis on Mac and make browser settings.

Is Search Marquis dangerous? 

Yes. Besides changing the default browser settings, Search Marquis malware sends your data to unknown sources. Hence the Search Baron virus is harmful to your PC.

Why does search Marquis appear in Chrome

The main reason for Search Marquis affecting the Chrome browser is that you might have installed malicious apps or extensions, and this malware has entered your system through bundling. The only solution is to follow the steps mentioned to stop Search Marquis from Mac Chrome.

Can browser hijackers steal passwords? 

Unfortunately, yes. If a search engine virus hijacks your Mac or browser, these browser hackers will access all of your data, including passwords and search history.

Happy browsing!

With this detailed guide, I have included all the steps to remove Search Marquis from Mac. However, that doesn’t make your Mac immune to it, especially if you continue to download from unknown sites and use suspicious apps.

Another way to quickly scan for viruses and prevent future attacks and infections is to get anti-malware software. These antivirus programs regularly scan for viruses and offer protection and security for your Mac. If you have any doubts, queries, or suggestions, drop them in the comments.

More interesting reads:

  • Anoop

    Anoop loves to find solutions for all your doubts on Tech. When he's not on his quest, you can find him on Twitter talking about what's in his mind.

    View all posts

🗣️ Our site is supported by our readers like you. When you purchase through our links, we earn a small commission. Read Disclaimer.


Please enter your comment!
Please enter your name here

Related Articles