It's both free and paid. And works cross platform.

this is no ordinary crap.

no contact info. i'm not going to use them if they cant tell me they know what this is.
it would require me getting on the web to download, and i doubt either of these machines will let me download it. i have had issues trying to download other stuff.

1. First, make backups. Keychains especially. Take some screenshots or camera shots.

2. Next, call your bank. Change your credit and debit cards.

3. Call AppleCare and ask them about "p".

4. Offer to send a screenshot.

5. They may ask you to enable Screen Sharing. Agree to this. This will require your password. They will analyze your computer using "your" mouse and keyboard from their system.

--- note: only do this with an AppleCare person.

6. Then it gets trickier. Making sure your internet accounts where you spend money are safe.

7. Whatever you do, do not get MacKeeper or CleanMyMac.

8. Javascript in your browser and emails is a powerful thing. This is part of how major websites work. Its often part of attacks. A browser with built-in protection such as Epic (see epic. browser. dot com ) or third party extensions for Safari or Chrom or Firefox will help. On Safari on my iPhone, I keep Javascript off in general. its a balance. Either keep Javascript off -- or take action using extensions.

9. Consider asking your mac specialist to install a HOSTS file, if you don't know how. Its easy and alleviates some risk, not to mention advertisers. (they are easy to remove also. )

----------

The main things are -- BACKUPS and TALK TO YOUR BANK. then go from there.

so, i'm looking for specific info on this particular thing.
thanks tho.

There's an authorized Apple dealer a mile from me. Two weeks ago, I went to that store to ask a question. They had to call the main office to get an answer. Later on, I found out how bad the answer was.

You may need to provide your Mac serial number in this AppleCare call. See the ABOUT THIS MAC in top left.

Or post here, and I will find a way.

it came up, it's in the activity monitor. i shut it down, so hopefully they will be able to fix it this time.
i'm just trying to find out more about it in the meantime.

It is more that likely associated with your current username.

like, my bank is under my social, etc.
those i cant change.

or in you user folder.. Entirely different places. I personally think it is in your safari cache,

(Once upon a time, I was pretty good at this stuff. At the time, nobody needed what I knew.)

trouble is, i search for p and i cant find it.
i even sampled it and searched lines of the code and couldnt find it.

not surprised you cant trash it, tho. this is some slippery shit.

With the finder interface? Or with a 'sudo find' command in terminal? It could be in a directory that isn't indexed by the usual speedy search engines.

It could also be overwriting the command name. Not sure what macOS does these days, but it used to be that you could stuff a string into argv[0] and have it appear as you wanted in the output of 'ps' (or activity monitor).

not sure if i want to monkey w it. but for future reference, thank you.

i'll get it into the repair guys and see if they can figure it out.
from what i have read, apple doesnt believe this is a thing.

i have to talk to them AGAIN at my bank, tho. it is the one place where resetting my info isnt working. i get in, then next time i try, i cant.
obviously this thing is in their system too.