
XProtect Consistently Eating Tons Of RAM?

0 votes
1 answer
546 views
I recently updated my 2017 MBP to Ventura. Ever since, my system has been running very poorly.

I've noted that 90% of the time, when it is acting up, there is an XProtectRemediatorSnowBeagle process taking up 2.01 GB of RAM – consistently. It does not go away, and force-quitting only works maybe half the time. Trying to kill it from terminal often fails as well, with some variant of "Operation Not Permitted".

It's usually a root-owned process. At least once, there's been a second copy of it, taking up another 2.01 GB of RAM, owned by the active user account.

Other remediators, like XProtectRemediatorAdload, seem to run normally – they get up to something like 1.5 GB of RAM, and then finish what they're doing and quit. This one doesn't. It just sticks around in RAM.

Sampling it in Activity Monitor shows a call graph hung on a _dispatch_group_wait_slow -> _dlock_wait -> __ulock_wait. I can't find any suspicious files open with lsof.

I haven't tried a fresh install yet. I'm hoping to avoid it, as it's always a nightmare to get everything configured how I want it again. I'd really prefer to diagnose what's causing it to hang, and get rid of that... or reinstall XProtect, if that's a thing... or just disable it altogether, tbh, as I'm pretty confident in my ability to avoid malware on my own – but I can't figure out how to do any of that.

Any ideas? I've tried an SMC reset, NVRAM / PRAM reset, disabling csrutil... no dice.

Raw logs below.

dtruss:
SYSCALL(args) 		 = return
bsdthread_ctl(0x100, 0x800004FF, 0xFFFFFFFF)		 = 0 0
bsdthread_ctl(0x100, 0x0, 0x310B)		 = 0 0
kevent_id(0x7FCF9BF68EF0, 0x700000F3F338, 0x1)		 = 0 0
kevent_qos(0xFFFFFFFFFFFFFFFF, 0x700000F3F5B0, 0x1)		 = 0 0
thread_selfid(0x0, 0x0, 0x0)		 = 233467 0
bsdthread_ctl(0x100, 0x0, 0x310B)		 = 0 0
workq_kernreturn(0x100, 0x700000DB6B80, 0x1)		 = 0 Err#-2
bsdthread_ctl(0x100, 0x800004FF, 0xFFFFFFFF)		 = 0 0
bsdthread_ctl(0x100, 0x0, 0x310F)		 = 0 0
workq_kernreturn(0x20, 0x0, 0x1)		 = 0 0
workq_kernreturn(0x40, 0x700000F3FB80, 0x0)		 = 0 Err#-2
kevent_qos(0xFFFFFFFFFFFFFFFF, 0x700000DB66A0, 0x1)		 = 0 0
bsdthread_ctl(0x100, 0x0, 0x310F)		 = 0 0
kevent_id(0x7FCF9BF66FC0, 0x700000F3F918, 0x1)		 = 0 0
workq_kernreturn(0x40, 0x700000DB6B80, 0x0)		 = 0 Err#-2
bsdthread_ctl(0x100, 0x0, 0x310F)		 = 0 0
madvise(0x7FD056009000, 0x1000, 0x7)		 = 0 0
psynch_cvbroad(0x7FD055008F68, 0xC0000000D00, 0xC0000000100)		 = 257 0
psynch_cvwait(0x7FD055008F68, 0xC0100000D00, 0xC00)		 = 0 0
ulock_wake(0x1000002, 0x102867E00, 0x0)		 = 0 0
ulock_wait(0x1050002, 0x102867E00, 0x3312)		 = 0 0
workq_kernreturn(0x100, 0x700000DB6B80, 0x1)		 = 0 Err#-2
__disable_threadsignal(0x1, 0x0, 0x0)		 = 0 0
madvise(0x7FD05600B000, 0x1000, 0x7)		 = 0 0
workq_kernreturn(0x4, 0x0, 0x0)		 = 0 Err#-2
Activity Monitor Sample:
Analysis of sampling XProtectRemediatorSnowBeagle (pid 4878) every 1 millisecond
Process:         XProtectRemediatorSnowBeagle 
Path:            /Library/Apple/*/XProtect.app/Contents/MacOS/XProtectRemediatorSnowBeagle
Load Address:    0x10271a000
Identifier:      XProtectRemediatorSnowBeagle
Version:         126
Code Type:       X86-64
Platform:        macOS
Parent Process:  XProtectPluginService 

Date/Time:       2024-02-21 18:35:09.954 -0500
Launch Time:     2024-02-21 18:11:30.241 -0500
OS Version:      macOS 13.6.4 (22G513)
Report Version:  7
Analysis Tool:   /usr/bin/sample

Physical footprint:         2.0G
Physical footprint (peak):  2.4G
Idle exit:                  untracked
----

Call graph:
    2519 Thread_204892   DispatchQueue_1: com.apple.main-thread  (serial)
    + 2519 start  (in dyld) + 1903  [0x7ff8186fd41f]
    +   2519 ???  (in XProtectRemediatorSnowBeagle)  load address 0x10271a000 + 0x2fda  [0x10271cfda]
    +     2519 ???  (in XProtectRemediatorSnowBeagle)  load address 0x10271a000 + 0x68fdc  [0x102782fdc]
    +       2519 ???  (in XProtectRemediatorSnowBeagle)  load address 0x10271a000 + 0x68c00  [0x102782c00]
    +         2519 ???  (in XProtectRemediatorSnowBeagle)  load address 0x10271a000 + 0x7d531  [0x102797531]
    +           2519 ???  (in XProtectRemediatorSnowBeagle)  load address 0x10271a000 + 0x53783  [0x10276d783]
    +             2519 _dispatch_group_wait_slow  (in libdispatch.dylib) + 43  [0x7ff8188b6aef]
    +               2519 _dlock_wait  (in libdispatch.dylib) + 45  [0x7ff8188b6849]
    +                 2519 __ulock_wait  (in libsystem_kernel.dylib) + 10  [0x7ff818a19cce]
    2519 Thread_205926
      2519 start_wqthread  (in libsystem_pthread.dylib) + 15  [0x7ff818a52bbf]
        2519 _pthread_wqthread  (in libsystem_pthread.dylib) + 427  [0x7ff818a53cb9]
          2519 __workq_kernreturn  (in libsystem_kernel.dylib) + 10  [0x7ff818a19c3e]

Total number in stack (recursive counted multiple, when >=5):

Sort by top of stack, same collapsed (when >= 5):
        __ulock_wait  (in libsystem_kernel.dylib)        2519
        __workq_kernreturn  (in libsystem_kernel.dylib)        2519
More of the sample [here](https://pastebin.com/iNTFjZQZ)
Asked by phnord (1 rep)
Feb 22, 2024, 12:01 AM
Last activity: Jul 16, 2025, 10:04 PM
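
The call-graph reading described in the question (every sample ending in a wait primitive) can be checked mechanically. The following is an added example, not part of the original post: it parses `/usr/bin/sample` output and reports, per thread, the leaf frames and the share of samples parked in a blocking call. The names `parked_threads`, `all_parked` and `WAIT_LEAVES` are hypothetical, and the input is an abridged excerpt of the sample quoted above.

```python
import re

# First two symbols come from the question's sample; the rest are an assumed,
# non-exhaustive list of other common macOS blocking calls.
WAIT_LEAVES = {"__ulock_wait", "__workq_kernreturn", "__psynch_cvwait",
               "mach_msg2_trap", "kevent_id"}
LINE = re.compile(r"^([ +!:|]*)(\d+) (.+)$")   # tree prefix, sample count, frame text

# Constructed input: abridged excerpt of the call graph quoted in the question.
SAMPLE = """\
Call graph:
    2519 Thread_204892   DispatchQueue_1: com.apple.main-thread  (serial)
    + 2519 start  (in dyld) + 1903  [0x7ff8186fd41f]
    +   2519 _dispatch_group_wait_slow  (in libdispatch.dylib) + 43  [0x7ff8188b6aef]
    +     2519 _dlock_wait  (in libdispatch.dylib) + 45  [0x7ff8188b6849]
    +       2519 __ulock_wait  (in libsystem_kernel.dylib) + 10  [0x7ff818a19cce]
    2519 Thread_205926
      2519 start_wqthread  (in libsystem_pthread.dylib) + 15  [0x7ff818a52bbf]
        2519 __workq_kernreturn  (in libsystem_kernel.dylib) + 10  [0x7ff818a19c3e]
"""

def parked_threads(report):
    """Map thread name -> (leaf symbols, share of samples parked in a wait)."""
    threads, current, in_graph = {}, None, False
    for raw in report.splitlines():
        if raw.startswith("Call graph:"):
            in_graph = True
            continue
        m = LINE.match(raw)
        if not in_graph or not m:
            if in_graph and not raw.strip():
                break                          # a blank line ends the call graph
            continue
        depth, count, rest = len(m.group(1)), int(m.group(2)), m.group(3)
        if rest.startswith("Thread_"):
            current = threads.setdefault(rest.split()[0], {"total": count, "frames": []})
        elif current is not None:
            current["frames"].append((depth, count, rest.split("  (in ")[0]))
    result = {}
    for name, t in threads.items():
        fr = t["frames"]
        # A leaf is a frame whose following line is not nested deeper.
        leaves = [f for i, f in enumerate(fr) if i + 1 == len(fr) or fr[i + 1][0] <= f[0]]
        parked = sum(c for _, c, sym in leaves if sym in WAIT_LEAVES)
        result[name] = ([sym for _, _, sym in leaves], parked / t["total"])
    return result

def all_parked(report):
    """True when every sampled thread spent the whole window blocked."""
    r = parked_threads(report)
    return bool(r) and all(share == 1.0 for _, share in r.values())
```

A result of `True` means the process was blocked for the whole sampling window rather than spinning, which matches the hang the question describes; it does not explain why the memory is retained.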