
MRT.app Infected with Trojan?

Out of curiosity I used the KnockKnock (https://objective-see.com/products/knockknock.html) application to check up on the health of my MacBook Air. An interesting find was that the MRT Apple software had a hit for (Osx.Trojan.EmPyre-6852410-0). Has this been reported before? Furthermore, when looking for any mention of this Trojan online, there is nothing to be found. Could this be nothing more than a false positive? Or has someone heard of this before?


I would appreciate any insight



Description from KnockKnock output.

System/Library/CoreServices/MRT.app/Contents/MacOS/MRT /System/Library/LaunchAgents/com.apple.MRTa.plist

and Hash:

98F77C67DD6F77DBA6F1F9AC1CB7C27E / 14BFFDA678B019D4FD0FEB01E2799E1E25B515FD

MacBook Air 13", 10.14

Posted on Feb 14, 2019 12:21 PM

Question marked as Best reply

Posted on Feb 14, 2019 1:47 PM

Most likely a false positive. I wouldn't trust any Anti-Virus app for Macs, whether they are a standalone product or one that you access from the Internet.


You may find the following ASC post helpful. A bit dated, but still an interesting read:


Feb 15, 2019 9:44 AM in response to ArialLight

This morning, it identified and quarantined filename MRT.app with Infection Name "Osx.Trojan.EmPyre-6852410-0" for the first time. However, I have been unable to successfully delete it because it's a "Core System" file.

Any ideas?

Get rid of ClamXAV. It's telling you to delete a core system file which, if you were able to do it, would be a very bad thing. It is not necessary.


Effective defenses against malware and ot… - Apple Community



Feb 15, 2019 9:18 AM in response to Stephkw

I regularly run ClamXAV updates and scans on my Mac. They usually show up without any issues or "Quarantine" items, however when they do show up, I have been able to address them fairly easily.


This morning, it identified and quarantined filename MRT.app with Infection Name "Osx.Trojan.EmPyre-6852410-0" for the first time. However, I have been unable to successfully delete it because it's a "Core System" file.


Any ideas?

Feb 15, 2019 11:46 AM in response to Ruskes

I appreciate your feedback. I have been a long-time Mac user and have been fortunate to be trouble free for most of that time; however, I added ClamX because my system began to drag and my browser kept defaulting to Linkey. It has done a good job, in my "user" opinion, in resolving problems that I was spending an undue amount of time to correct.


As it is still running a scan presently, it now quarantined a second file.

Filename: /private/var/db/uuidtext/92/CD42DD84973BEBB080008C83277FE4

Infection Name: Osx.Trojan.EmPyre-6852410-0

Feb 20, 2019 8:55 PM in response to Stephkw

An interesting find was that the MRT Apple software had a hit for (Osx.Trojan.EmPyre-6852410-0).
Could this be nothing more than a false positive?

False positives are a way of promoting and selling anti-virus software.


As long as you keep your Mac up to date— I would not waste the time, and consider it a non-issue.



You can easily see the current version of both XProtect and MRT

From > (option key) System Info>Software>Installations> sort by date



These are pushed silently through the software update service with no notifications to the user. You are not going to find detailed information on GateKeeper, XProtect, MRT, SIP outside the walled garden of Apple for obvious reasons.



XProtect — is the anti-malware system. Current XProtectPlistConfigData ver. 2101


MRT — Malware Removal Tool, the app which often complements XProtect’s signature-based screening and can automatically remove all traces of many different species of malware. Current MRTconfigData ver. 1.39



Feb 20, 2019 9:09 PM in response to leroydouglas

Clever marketing in spreading the fear.

Most people do not know what MRT is and trust some Virus scanner.

Ultimately this is proof that virus scanners are worthless and can even damage your Mac, by attacking/removing files that are a legitimate Apple product.

All they have to do is to check if the File is signed and it is by Apple.
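The signature check suggested in the reply above, written out as an added example that is not part of the original thread and not any poster's own code. It uses the stock macOS `codesign` tool; the function name `classify_signature` and its result labels are hypothetical names chosen for this illustration.

```shell
#!/bin/sh
# Added example (not from the thread). classify_signature and its result
# labels are hypothetical names; codesign is the stock macOS tool.
# Applies to code (apps, binaries). A data file such as the uuidtext path in
# the thread carries no code signature, so this check says nothing about it.

classify_signature() {
    target=$1
    if ! command -v codesign >/dev/null 2>&1; then
        echo "no-codesign"      # not on macOS, nothing can be concluded
        return 3
    fi
    # 1. The signature must be present and intact; --deep also checks nested
    #    code inside the bundle, --strict applies the stricter validation rules.
    if ! codesign --verify --deep --strict "$target" >/dev/null 2>&1; then
        echo "invalid-or-unsigned"
        return 2
    fi
    # 2. The signing chain must satisfy "anchor apple": Apple's own software,
    #    not merely a third-party Developer ID certificate issued by Apple.
    if codesign --verify -R="anchor apple" "$target" >/dev/null 2>&1; then
        echo "apple-signed"
        return 0
    fi
    echo "signed-not-apple"
    return 1
}

# Usage: sh check_sig.sh /System/Library/CoreServices/MRT.app
for path in "$@"; do
    printf '%s: ' "$path"
    classify_signature "$path" || true
done
```

An `apple-signed` result for the flagged MRT.app supports the false-positive reading given in the replies; `invalid-or-unsigned` or `signed-not-apple` on a file under /System is the case that deserves a closer look.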
