RustBucket Malware

7-day Free Trial w/Credit card, no charge upfront or if you cancel up to 2 days before expiration; Subscription price varies per region w/ auto renewal unless you timely cancel; notification before you are billed; 30-day money-back guarantee; Read full terms and more information about free remover.

*Source of claim SH can remove it.


RustBucket is a new malicious threat recognized as a representative of the Trojan horse category. RustBucket is capable of a long list of harmful tasks and is considered to be extremely dangerous. 

The RustBucket Mac Malware detected by multiple antivirus programs in VirusTotal

Removing a Trojan horse virus from your Mac can be a formidable challenge if you are not an experienced Mac user and if you do not know what to look for inside your system. In fact, in some cases, even IT professionals with high computing skills might find it difficult to remove such a threat from an infected machine. However, if you currently have RustBucket or some other Trojan on your computer, then there really aren’t many alternatives. You can either wait idly as the malware carries out its insidious tasks or take action and, with some luck, eliminate the virus.

Of course, you are likely going to need some help with that which is the main reason we are writing this article. Here, you can find some general information about the RustBucket infection and about the Trojan horse malware class in general as well as a detailed removal manual that will guide you through the process of liberating your machine from the insidious malware program.

The RustBucket Malware

We should first tell you something more about the capabilities of these so-called Malware. Unlike more specialized Trojan types like spyware or ransomware, malware such as RustBucket are actually quite versatile. They tend to have a number of different abilities that can be used together or separately depending on exactly what the hackers who control them seek to achieve. In some cases, a virus of this kind might delete essential data from your HDD and thus corrupt your system and render the Mac unusable while in other cases, the purpose of the attack might be more covert and the Trojan might try to silently spy on you or even control certain processes in your computer without showing any symptoms. Regardless of the actual use of the Trojan in each separate case, however, removing the infection is still of utmost importance and this is where the following guide should come in handy.

Be careful in the future

Removing the infection caused by RustBucket is certainly crucial in order to keep your system healthy and secure but it’s also important to never allow such threats to infiltrate your Mac in the future. To achieve that, you should, of course, keep a strong and reliable antivirus solution inside your Mac. However, this is usually not enough of a precaution measure on its own to keep your Mac reliably defended. An antivirus might still fail to detect some newer infections and this is why you must also ensure that you manually reduce the chances of landing some nasty new virus.

The way to do that is by avoiding shady websites and keeping away from any form of web content that might be infected. Suspicious e-mails and potentially spam messages, random ads coming from questionable sources, browser hijacker apps (QSearch, Search-alpha) and adware that might have gotten in your browsers and so on and so forth. Also, be sure to avoid downloading pirated content – not only is downloading pirated software illegal but it is also dangerous as many games and other programs that are getting illegally distributed might have nasty viruses and Trojans like RustBucket in them.


Detection Tool

anti-malware offerOFFER Read more details in the first ad on this page, EULA, Privacy Policy, and full terms for Free Remover.

*Source of claim SH can remove it.

If you have a Mac virus, continue with the guide below.

If you have an Android virus, please use our Android Malware Removal guide.

If you have an iPhone virus, please use our iPhone Virus Removal guide

Remove RustBucket Malware

For a quick way to remove RustBucket try to do this inside your Mac browser:

  1. Open your Mac browser.
  2. Go to Preferences.
  3. Now navigate to the extensions sub-menu.
  4. Look for any unfamiliar entries, including RustBucket.
  5. Remove RustBucket from your Mac as well as any other suspicious-looking items by clicking on the trash bin icon.

If this does not help then continue reading this article for more detailed instructions on how to get rid of RustBucket!


*Source of claim SH can remove it.

The first thing you need to do is to Quit Safari (if it is opened). If you have trouble closing it normally, you may need to Force Quit Safari:

You can choose the Apple menu and click on Force Quit.

Alternatively, you can simultaneously press (the Command key situated next to the space bar), Option (the key right next to it) and Escape (the key located at the upper left corner of your keyboard).

If you have done it right a dialog box titled Force Quit Applications will open up.

In this new dialog window select Safari, then press the Force Quit button, then confirm with Force Quit again.

Close the dialog box/window.



*Source of claim SH can remove it.

Start Activity Monitor by opening up Finder, then proceed to

Once there, look at all the processes: if you believe any of them are hijacking your results, or are part of the problem, highlight the process with your mouse, then click the “i” button at the top. This will open up the following box:


Now click on Sample at the bottom:


Do this for all processes you believe are part of the threat, and run any suspicious files in our online virus scanner, then delete the malicious files:

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.

    The next step is to safely launch Safari again. Press and hold the Shift key while relaunching Safari. This will prevent Safari’s previously opened pages from loading again. Once Safari is opened up, you can release the Shift key.

    On the off chance that you are still having trouble with scripts interrupting the closing of unwanted pages in Safari, you may need to take some additional measures.

    First, Force Quit Safari again.

    Now if you are using a Wi-Fi connection turn it off by selecting Wi-Fi off in you Mac’s Menu. If you are using a cable internet (Ethernet connection), disconnect the Ethernet cable.


    Re-Launch Safari but don’t forget to press and hold the Shift button while doing it, so no previous pages can be opened up. Now, Click on Preferences in the Safari menu,

    Preferences in Safari

    and then again on the Extensions tab,

    extensions in safari

    Select and Uninstall any extensions that you don’t recognize by clicking on the Uninstall button. If you are not sure and don’t want to take any risks you can safely uninstall all extensions, none are required for normal system operation.

    The threat has likely infected all of your browsers. The instructions below need to be applied for all browsers you are using.

    Again select Preferences in the Safari Menu, but this time click on the Privacy tab,
    Privacy in Safari

    Now click on Remove All Website Data, confirm with Remove Now. Keep in mind that after you do this all stored website data will be deleted. You will need to sign-in again for all websites that require any form of authentication.

    Still in the Preferences menu, hit the General tab

    General Tab in Safari

    Check if your Homepage is the one you have selected, if not change it to whatever you prefer.
    Default Home Page

    Select the History menu this time, and click on Clear History. This way you will prevent accidentally opening a problematic web page again.

     How to Remove RustBucket From Firefox in OSX:

    Open Firefoxclick on mozilla menu (top right) ——-> Add-onsHit Extensions next.

    pic 6

    The problem should be lurking somewhere around here –  Remove it. Then Refresh Your Firefox Settings.

    How to Remove RustBucket From Chrome in OSX:

     Start Chrome, click chrome menu icon —–>More Tools —–> Extensions. There,  find the malware and  select  chrome-trash-icon.

    pic 8

     Click chrome menu icon again, and proceed to Settings —> Search, the fourth tab, select Manage Search Engines.  Delete everything but the search engines you normally use. After that Reset Your Chrome Settings.

    If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


    About the author


    Violet George

    Violet is an active writer with a passion for all things cyber security. She enjoys helping victims of computer virus infections remove them and successfully deal with the aftermath of the attacks. But most importantly, Violet makes it her priority to spend time educating people on privacy issues and maintaining the safety of their computers. It is her firm belief that by spreading this information, she can empower web users to effectively protect their personal data and their devices from hackers and cybercriminals.

    Leave a Comment