gesty

Q: adware attack phone 0800 917 4842

Just got semi scammed by these people, who I thought were Apple Support. Unfortunately they got as far as me allowing them remote access to my brand new MacBook Air. But when they tried selling me outrageously expensive firewall protection (presumably to gain access to bank details) I smelled a rat & told them I'd have to go to an Apple store to confirm as I couldn't be sure they were who they said they were. The guy quickly lost interest & hung up.

 

So the good news is there's nothing on my mba yet except for contacts & photos when I synched with icloud, so I can't see how they could have access to anything other than those things & my mba password, which I had to type in to restart & give him remote access. But I am worried that they may have installed some kind of virus/keystroke logger etc. Just checked my bank & no suspicious activity. But they did ask if I had another computer & I told them about my Microsoft PC, which was on at the time. Is there any way they could access that over the wifi the mac was using? I had trouble accessing Apple Support on it & I thought they may have control of my phone line somehow & keeping it open, although we only were talking over the mba.

 

Feel stupid & a bit freaked out atm. I have an appointment at a Genius bar next week & I won't use the Mac again till then. Not even to change my Password. Not that I know how to do that anyway. This is my 1st mac & totally unfamiliar with how to drive it.

 

Any suggestions?

iPhone 5, iOS 6.1.4

Posted on Aug 6, 2015 6:31 AM


  • by Carolyn Samit,

    Carolyn Samit Aug 6, 2015 6:50 AM in response to gesty
    Level 10 (124,473 points)
    Apple Music

    my mba password, which I had to type in to restart & give him remote access.

     

    It's definitely a scam.


    Do not wait to change your password  >  Change or reset a user account password on your Mac - Apple Support

     

     

    If you are using Safari, from your Safari menu bar click Safari > Preferences  then select the Privacy tab.

     

    Click:  Remove All Website Data


     

    Then check for malware.

    Download and run Malwarebytes Anti-Malware for Mac formerly known as AdwareMedic. It's free.

     

    Make sure Mac App Store and identified developers is selected in System Preferences > Security & Privacy > General

     

    If you would rather not download Malwarebytes Anti-Malware, you can remove the malware manually following the instructions here >   Remove unwanted adware that displays pop-up ads and graphics on your Mac - Apple Support





    There's no need to go to an Apple Store. They won't help you with a scam issue.

  • by Allan Eckert,

    Allan Eckert Aug 6, 2015 6:44 AM in response to gesty
    Level 9 (54,085 points)
    Desktops

    Change your passwords.

  • by gesty,

    gesty Aug 6, 2015 7:59 AM in response to Allan Eckert
    Level 1 (0 points)

    OK thanks very much. Followed all your advice (apart from malwarebytes), but I'm still concerned there might be something nasty lurking in the mba, so I'll still keep my appointment & let someone who actually knows what they're doing & can look under the hood check everything is kosher.

     

    Thanks all.

  • by Linc Davis,

    Linc Davis Aug 6, 2015 9:41 AM in response to gesty
    Level 10 (208,037 points)
    Applications

    If you know or suspect that a hostile intruder has either had physical access or has taken control of it remotely, then there are some steps you should take to make sure that the computer is safe to use.

    Running any kind of "anti-virus" software is pointless. If I broke into a system and wanted to leave a back door, I could do it in a way that would be undetectable by those means—and I don't pretend to any special skill as a hacker. You have to assume that any intruder can do the same. For example, commercial keylogging software—which has legitimate as well as illegitimate uses—won't be recognized as malware, because it's not malware.

    The only way you can be sure that the computer is not compromised is to erase at least the startup volume and restore it to something like the state it was in before the attack. The easiest approach is to recover the entire system from a backup that predates the attack. Obviously, that's only practical if you know when the attack took place, and it was recent, and you have such a backup. You will lose all changes to data, such as email, that were made after the time of the snapshot. Some of those changes can be restored from a later backup.

    If you don't know when the attack happened, or if it was too long ago for a complete rollback to be practical, then you should erase and install OS X. If you don't already have at least two complete, independent backups of all data, then you must make them first. One backup is not enough to be safe.

    When you restart after the installation, you'll be prompted to go through the initial setup process for a new computer. That’s when you transfer the data from a backup in Setup Assistant.

    Select only users in the Setup Assistant dialog—not Applications, Other files and folders, or Computer & Network Settings. Don't transfer the Guest account, if it was enabled.

    Reinstall third-party software from original media or fresh downloads—not from a backup, which could be contaminated.

    Unless you were the target of an improbably sophisticated attack, this procedure will leave you with a clean system. If you have reason to think that you were the target of a sophisticated attack, then you need expert help.

    The above being done, change all Internet passwords and check all financial accounts for unauthorized transactions. Do this after the system has been secured, not before.

  • by cdhw,

    cdhw Aug 6, 2015 10:50 AM in response to gesty
    Level 4 (2,668 points)
    Servers Enterprise

    That looks like a UK number, in which case 'If you've received a potential scam message or computer virus but no money has been lost or you haven’t responded to it' you can report the attempt here:

     

         http://www.actionfraud.police.uk/report_fraud

     

    C.

  • by John Galt,

    John Galt Aug 6, 2015 1:00 PM in response to gesty
    Level 9 (50,389 points)
    Mac OS X

    brand new MacBook Air ...

     

    So the good news is there's nothing on my mba yet except for contacts & photos when I synched with icloud,


    Confirm that the above statements mean your MBA is essentially new and unconfigured, other than having used it to store photos and contacts that now reside in iCloud and can be retrieved from there. If that is in fact the case, there is nothing on the MBA to lose, and you can certainly erase it. That would be the most prudent course of action, given the uncertainties regarding the remote access event you described. It would be entirely pointless to download and install anything to assure the absence of malicious system modifications, since it is impossible for any product to provide absolute assurance of that.

     

    To learn more about this kind of scam read Phony "tech support" / "ransomware" popups and web pages.

     

    I have an appointment at a Genius bar next week & I won't use the Mac again till then. Not even to change my Password.


    That's OK. Tell them what happened.

  • by John Galt, Solved answer

    John Galt Aug 6, 2015 1:04 PM in response to gesty
    Level 9 (50,389 points)
    Mac OS X

    ... & I told them about my Microsoft PC, which was on at the time. Is there any way they could access that over the wifi the mac was using?


    The short answer is yes... if you had already been using your Mac to remotely access and control your Windows PC over your network. If you had not already been doing that, the possibility becomes very unlikely.

  • by gesty, Helpful

    gesty Aug 6, 2015 4:08 PM in response to John Galt
    Level 1 (0 points)

    Yes, I came to the same conclusion & will be asking the genius crew to just wipe my mba & start over, as there is nothing really on it yet.

     

    And no, I wasn't using it to remotely control my PC, so thanks for confirming the unlikelihood of any danger there.

     

    Again, thanks all for your comprehensive info, much appreciated.