What's in this article

It is a common misconception that Macs don’t get viruses or malware, thanks in part to the security features such as XProtect. Whilst Apple have ensured that the Mac has strong inbuilt protections, Macs can and do get viruses and malware from nefarious sources on the net.

What is Search Marquis?

Search Marquis (whilst not technically a virus as it does not self-replicate) is fraudulent adware that is distributed through fake Adobe Flash player popups and other related malware. This guide sets out how to get rid of Search Marquis on Mac.

Search Marquis affects Macs and serves as a browser hijacker, redirecting users to problematic websites through the installation of apps and plugins without the consent of the administrator.

How is Search Marquis transferred?

Search Marquis infects Macs through a process called bundling, where a harmful program is installed alongside other seemingly safe programs that the user might willingly download. Without the user noticing, the Search Marquis malware will be installed onto the Mac, and will then hijack the user’s web browsing preferences.

The Gatekeeper feature built into the MacOS does not detect Search Marquis as the app has been code-signed, therefore it bypasses the notarization controls that Apple built in to help protect the Mac. As defined by Apple Support, “Gatekeeper helps ensure that all downloaded software has been signed by the App Store or signed by a registered developer and notarised by Apple”. However, as Search Marquis has been code-signed by a registered developer, these checks and balances are not effective at stopping the infestation of the malware.

How to remove the Search Marquis virus from your Mac

If your Mac is infected with Search Marquis, it is notoriously difficult to remove, however all is not lost. There are trusted tools on the market that you can use to rid your machine of the malware, however make sure you thoroughly research the tool to ensure that it is not further malware. Checking that the developer is notarized by Apple is a good way to judge a tool, although it is not without risk as this check can be bypassed.

There are also steps online that you can follow to remove Search Marquis yourself, however these do require an advanced level of technical understanding to ensure that it is removed safely, entirely and without further damage to your machine.

Can Search Marquis be avoided?

The Search Marquis malware is often downloaded alongside freeware, or through deceptive adverts. You can also be exposed to Search Marquis through peer-to-peer file sharing, so make sure to keep your wits about you when downloading files. Many users might seek to ‘jailbreak’ their Mac to introduce new features and customizations to their machine; however this is a prime example of how you could end up being exposed to Search Marquis if you are not careful. Luckily, Apple have been introducing new customization features for your Mac such as being able to set the Mac to dark mode without the need for external applications.