Troubleshoot Malwarebytes and macOS Mojave’s TCC

There are some issues with Malwarebytes for Mac and macOS Mojave (10.14), due to a Mac feature called TCC. This article explains TCC, what the issues are, and how to work around them.


TCC meaning

TCC is a Mojave feature that controls access to certain user data and stands for Transparency, Consent, and Control. TCC prevents apps from gaining access to things like contact info, e-mail messages, calendar data, etc, without explicit consent from the user.


How TCC conflicts with Malwarebytes

There are only two cases where TCC becomes a problem:

  • Minor problem – Due to attempts to scan protected locations, a number of errors to show up in the system logs, primarily visible through the Console app. This is not actually an issue, and these can be ignored.
  • Significant problem –  Safari’s Extensions folder is one of the TCC protected locations. Malwarebytes should not be able to scan this location by default, but there have been a few cases where it can, but then any attempt to quarantine a detected Safari extension may receive a Remedy failed error in Malwarebytes.


Removing these extensions doesn’t matter. Apple only allows certain extensions to load in Mojave, and other extensions have to use a new mechanism that doesn’t involve this protected folder. So, even if a bad extension is present, it can’t be loaded.


Solution for Remedy failed error

Give access to RTProtectionDaemon by following these instructions:

  1. Open System Preferences > Security & Privacy > Privacy

  2. Select the Full Disk Access item in the list.
  3. Click the lock in the bottom left corner of the window to unlock the preference pane.
  4. Click the + button below the list of apps.
  5. In the file selection dialog that opens, press commandshiftG.
  6. Enter the following path, then press Go:
    /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/
    Image of Go to folder window in macOS Mojave.
  7. Select RTProtectionDaemon, then click Open.
    Image of RTProtectionDaemon app located in the Plugins folder on macOS Mojave.
  8. RTProtectionDaemon is now added to the list, which means Malwarebytes can remove these extensions, and no longer generate errors.


For additional macOS Mojave information and troubleshooting, contact Apple Support.

error: Content unreachable !!