Today my machine ran out of memory. I went to Activity Monitor and it showed a process called MRT using lots of memory. I restarted my machine hoping it would help, but even after a restart I see the memory on MRT climbing by about 0.01 GB every few seconds.
I'm on macOS Sierra 10.12.6 on MacBook Pro (Retina, 15-inch, Mid 2015), 16 GB RAM.
Seems like there are reports of MRT using high CPU and how to remove it here. But I'd rather not remove it because it scans for malware.
UPDATE: I even tried the steps documented in the link above under "Manually remove MRT" but it didn't seems to work, the MRT process is still running and growing in memory usage.
Best Answer
Three systems that work together to protect your Mac from malware are:
So, these are Apple processes and if they are busy, the likely cause is you are infected or compromised. It could be a false positive, but you might consider enabling gatekeeper and sip if you disabled them and see if you can clean your system. If not, you might need a clean install that’s patched and then carefully get data back but not any programs or malware.
As a developer, I would use the gear icon in the window you show and while MRT is selected, run System Diagnostics... and file a bug report / radar / escalate a support case to Apple Engineering so they can investigate if MRT has a memory leak - that's also very likely scenario if you are sure you're not needing malware removal every moment your Mac is running.
Assuming you just want to see if you need cleaning (or for others that aren't developers and have similar issues), continue below
A great place to start if you don’t typically remove malware is MBAM - https://www.malwarebytes.com/mac/
As always, be a little skeptical / aware of free tools since scam / snake oil software “protection or cleanup” tools are in fact compromising and malicious and untruthful about what they do. If you download something from free aggregators, you could even be tricked by something that isn’t the name it says on the file or description.
I would not disable MRT if you have it running hot unless you’re sure you’re not compromised.