I'm afraid I fell for a scam this morning regarding malware

I think I fell for a scam this morning regarding my computer. Now I'm afraid bad guys have access to it. What do I do?

MacBook Air (11-inch Mid 2013)

Posted on Nov 22, 2015 2:29 PM


Nov 23, 2015 8:45 AM in response to laurafrommountcarroll

Usually not. The only way someone can get access to your computer is if you have given your password to something you should not. The AirPort menu will let you disconnect from wireless. Do you have another Mac from which to download software that can check for malware? EtreCheck is a good all-around check that will verify nothing untoward has been installed. Usually you have to actually install something before it actually is a problem. Downloads in and of themselves are innocuous.

http://etresoft.com/etrecheck

Copy/paste the results of that into a post here, and we can tell you if there is anything you should worry about.

Jun 19, 2016 5:27 AM in response to a brody

EtreCheck version: 2.9.12 (265)

Report generated 2016-06-19 08:20:22

Download EtreCheck from https://etrecheck.com

Runtime 1:36

Performance: Excellent


Click the [Support] links for help with non-Apple products.

Click the [Details] links for more information about that line.

Click the [Check files] link for help with unknown files.


Problem: No problem - just checking

Description:

I was scammed and allowed the scammer to take control of my computer. I want to check to see if they left a backdoor.


Hardware Information:

MacBook Pro (Retina, Mid 2012)

[Technical Specifications] - [User Guide] - [Warranty & Service]

MacBook Pro - model: MacBookPro10,1

1 2.3 GHz Intel Core i7 CPU: 4-core

8 GB RAM Not upgradeable

BANK 0/DIMM0

4 GB DDR3 1600 MHz ok

BANK 1/DIMM0

4 GB DDR3 1600 MHz ok

Bluetooth: Good - Handoff/Airdrop2 supported

Wireless: en0: 802.11 a/b/g/n

Battery: Health = Normal - Cycle count = 119


Video Information:

Intel HD Graphics 4000

Color LCD 2880 x 1800

NVIDIA GeForce GT 650M - VRAM: 1024 MB


System Software:

OS X El Capitan 10.11.5 (15F34) - Time since boot: about 13 hours


Disk Information:

APPLE SSD SM256E disk0 : (251 GB) (Solid State - TRIM: Yes)

EFI (disk0s1) <not mounted> : 210 MB

Recovery HD (disk0s3) <not mounted> [Recovery]: 650 MB

Macintosh HD (disk1) / : 249.77 GB (129.63 GB free)

Core Storage: disk0s2 250.14 GB Online


USB Information:

Apple Inc. FaceTime HD Camera (Built-in)

Apple Inc. Apple Internal Keyboard / Trackpad

Apple Inc. BRCM20702 Hub

Apple Inc. Bluetooth USB Host Controller


Thunderbolt Information:

Apple Inc. thunderbolt_bus


Gatekeeper:

Mac App Store and identified developers


Unknown Files:

/Library/LaunchDaemons/com.malwarebytes.HelperTool.plist

/Library/PrivilegedHelperTools/com.malwarebytes.HelperTool /Library/PrivilegedHelperTools/com.malwarebytes.HelperTool

One unknown file found. [Check files]


System Launch Agents:

[not loaded] 7 Apple tasks

[loaded] 153 Apple tasks

[running] 78 Apple tasks


System Launch Daemons:

[not loaded] 43 Apple tasks

[loaded] 149 Apple tasks

[running] 98 Apple tasks


Launch Agents:

[running] com.mcafee.menulet.plist (2015-10-02) [Support]

[running] com.mcafee.reporter.plist (2015-10-02) [Support]


Launch Daemons:

[failed] com.adobe.fpsaud.plist (2016-04-05) [Support]

[loaded] com.malwarebytes.HelperTool.plist (2016-06-16) [Support]

[not loaded] com.mcafee.ssm.ScanFactory.plist (2015-09-21) [Support]

[not loaded] com.mcafee.ssm.ScanManager.plist (2015-09-21) [Support]

[running] com.mcafee.virusscan.fmpd.plist (2015-10-01) [Support]

[loaded] com.microsoft.office.licensing.helper.plist (2014-02-26) [Support]


User Launch Agents:

[loaded] com.adobe.ARM.[...].plist (2013-08-27) [Support]

[loaded] com.google.keystone.agent.plist (2016-03-03) [Support]

[running] com.spotify.webhelper.plist (2016-06-18) [Support]


User Login Items:

iTunesHelper Application (/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

AdobeResourceSynchronizer Application Hidden (/Applications/Adobe Reader.app/Contents/Support/AdobeResourceSynchronizer.app)

Google Chrome Application (/Applications/Google Chrome.app)

Spotify Application Hidden (/Applications/Spotify.app)

VerizonUpdateCenter Application (/Applications/VerizonUpdateCenter.app)


Other Apps:

[running] VDSI.VerizonUpdateCenter.7712

[running] com.hp.devicemonitor

[running] com.mcafee.ssm.ScanManager

[running] com.mcafee.virusscan.ssm.ScanFactory

[loaded] 383 Apple tasks

[running] 210 Apple tasks


Internet Plug-ins:

Flip4Mac WMV Plugin: 3.2.0.16 - SDK 10.8 (2013-06-23) [Support]

FlashPlayer-10.6: 21.0.0.213 - SDK 10.6 (2016-04-09) [Support]

QuickTime Plugin: 7.7.3 (2016-05-05)

AdobePDFViewerNPAPI: 11.0.12 - SDK 10.6 (2015-08-10) [Support]

AdobePDFViewer: 11.0.12 - SDK 10.6 (2015-08-10) [Support]

Flash Player: 21.0.0.213 - SDK 10.6 (2016-04-09) Outdated! Update

Default Browser: 601 - SDK 10.11 (2016-05-05)

SharePointBrowserPlugin: 14.6.4 - SDK 10.6 (2016-06-04) [Support]

Silverlight: 5.1.20513.0 - SDK 10.6 (2013-10-07) [Support]

MeetingJoinPlugin: Unknown - SDK 10.6 (2014-11-18) [Support]

SiteAdvisor: 2.0 - SDK 10.1 (2013-10-19) [Support]


Safari Extensions:

SiteAdvisor - McAfee - http://www.siteadvisor.com (2016-04-05)


3rd Party Preference Panes:

Flash Player (2016-04-05) [Support]

Flip4Mac WMV (2013-03-29) [Support]


Time Machine:

Skip System Files: NO

Auto backup: YES

Volumes being backed up:

Macintosh HD: Disk size: 249.77 GB Disk used: 120.14 GB

Destinations:

My Passport [Local]

Total size: 319.73 GB

Total number of backups: 2

Oldest backup: 4/3/16, 17:16

Last backup: 5/28/16, 15:02

Size of backup disk: Too small

Backup size 319.73 GB < (Disk used 120.14 GB X 3)


Top Processes by CPU:

5% WindowServer

2% kernel_task

2% fontd

1% cfprefsd(3)

1% blued


Top Processes by Memory:

840 MB kernel_task

377 MB com.apple.WebKit.WebContent

238 MB mdworker(14)

172 MB Safari

156 MB WindowServer


Virtual Memory Information:

3.00 GB Free RAM

5.00 GB Used RAM (1.24 GB Cached)

19 MB Swap Used


Diagnostics Information:

Jun 18, 2016, 07:00:52 PM Self test - passed

Jun 18, 2016, 06:55:08 PM /Library/Logs/DiagnosticReports/Google Chrome_2016-06-18-185508_[redacted].cpu_resource.diag [Details]

/Applications/Google Chrome.app/Contents/MacOS/Google Chrome

Jun 18, 2016, 06:07:28 PM /Library/Logs/DiagnosticReports/???_2016-06-18-180728_[redacted].cpu_resource.diag [Details]

???

Jun 18, 2016, 09:37:02 AM /Library/Logs/DiagnosticReports/VShieldService_2016-06-18-093702_[redacted].crash

/usr/local/McAfee/AntiMalware/VShieldService

Jun 19, 2016 6:12 AM in response to hoopty03

If you allowed them access, then your best hope is to back up your system (twice with different backup utilities would be best and safest; Time Machine is good, so are SuperDuper (free for full clone) and Carbon Copy Cloner (1 month fully enabled demo)). If you do not have external disks for backups, you should invest in some now.


Re-download El Capitan, and create a bootable installer on an external USB device (it can be a USB disk or it can be as simple as an 8GB (or larger) USB thumbdrive). You are going to be doing a clean install of OS X and then copying back your personal data, but none of the other stuff from the backup(s).

<Create a bootable installer for OS X - Apple Support>

<http://www.macworld.com/article/2981585/operating-systems/how-to-make-a-bootable-os-x-10-11-el-capitan-installer-drive.html>


Using the bootable El Capitan installer, erase your boot disk to make sure any and all possible scam changes are gone. You should be able to do this from the installer Utilities menu item and run Disk Utility.


Install a clean El Capitan.


Use your backup(s) to restore just your home directory.


Install any applications you had previously from original sources.


Set up any system preferences from scratch. Do not get .plists from the backups, as they may be compromised.


And this time around, do not install any anti-virus, no Mac cleaners, and no memory cleaners. They are just a waste of your resources. Please read the following:

How does Mac OS X protect me?

<http://www.thesafemac.com/mmg-builtin/>
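Added example, not part of the reply above: a home folder copied back from a backup brings its `Library/LaunchAgents` folder with it, and that folder holds the per-user launchd jobs (the "User Launch Agents" section of the report earlier in the thread). This Python 3 sketch lists what each job there would run so it can be reviewed before logging in to the restored account; the function name and the `com.example.helper` sample are hypothetical and constructed.

```python
import plistlib
from pathlib import Path

def audit_launch_agents(home):
    """List launchd jobs found under <home>/Library/LaunchAgents.

    Returns one dict per plist: file name, Label, the program launchd would
    start, its arguments, and whether it starts on its own.
    """
    findings = []
    agents_dir = Path(home) / "Library" / "LaunchAgents"
    if not agents_dir.is_dir():
        return findings
    for path in sorted(agents_dir.glob("*.plist")):
        try:
            with path.open("rb") as fh:
                job = plistlib.load(fh)  # reads XML and binary plists
            if not isinstance(job, dict):
                raise ValueError("top-level object is not a dictionary")
        except Exception as exc:
            # Unreadable or malformed file: report it instead of skipping it.
            findings.append({"file": path.name, "error": str(exc) or type(exc).__name__})
            continue
        argv = list(job.get("ProgramArguments") or [])
        findings.append({
            "file": path.name,
            "label": job.get("Label"),
            # launchd uses Program if set, else the first ProgramArguments entry
            "program": job.get("Program") or (argv[0] if argv else None),
            "arguments": argv,
            "autostart": bool(job.get("RunAtLoad") or job.get("KeepAlive")),
        })
    return findings

if __name__ == "__main__":
    import tempfile
    # Constructed stand-in for a home folder copied back from a backup.
    with tempfile.TemporaryDirectory() as home:
        agents = Path(home, "Library", "LaunchAgents")
        agents.mkdir(parents=True)
        with (agents / "com.example.helper.plist").open("wb") as fh:
            plistlib.dump({"Label": "com.example.helper", "RunAtLoad": True,
                           "ProgramArguments": ["/bin/sh", "-c", "echo constructed"]}, fh)
        for row in audit_launch_agents(home):
            print(row)
```

Point it at the restored (or still mounted backup) home folder, for example `audit_launch_agents("/Users/yourname")`, and check every listed program against software you installed yourself.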

Jun 21, 2016 11:23 AM in response to hoopty03

Looking at your EtreCheck report, you seem fine. You should uninstall all of that antivirus crapware, as you really don't need it. It will only slow down your system and make it worse. The best way to protect yourself from malware is to be careful on the internet and don't download anything unless you're sure what it is. Stay away from .pkg installers unless you really trust them, as this method for installing apps can make deep system changes.
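One way to triage a report like the one posted in this thread, as an added example that is not part of any reply and is not EtreCheck's own code: pull the third-party launchd entries out of the report text and list those whose date falls on or after the day of the remote session. It assumes the date in parentheses is when the plist file last changed, and the cutoff used here is constructed, since the thread does not say when the session took place.

```python
import re
from datetime import date

# Report sections that list third-party launchd jobs (names as in the report above).
LAUNCHD_SECTIONS = {"Launch Agents:", "Launch Daemons:", "User Launch Agents:"}
# Matches e.g. "[running] com.mcafee.menulet.plist (2015-10-02) [Support]"
ENTRY = re.compile(r"^\[([^\]]+)\]\s+(\S+\.plist)\s+\((\d{4})-(\d{2})-(\d{2})\)")

# Excerpt copied from the report in this thread (blank lines dropped).
SAMPLE = """\
System Launch Daemons:
[loaded] 149 Apple tasks
Launch Agents:
[running] com.mcafee.menulet.plist (2015-10-02) [Support]
Launch Daemons:
[failed] com.adobe.fpsaud.plist (2016-04-05) [Support]
[loaded] com.malwarebytes.HelperTool.plist (2016-06-16) [Support]
[not loaded] com.mcafee.ssm.ScanFactory.plist (2015-09-21) [Support]
User Launch Agents:
[loaded] com.adobe.ARM.[...].plist (2013-08-27) [Support]
[running] com.spotify.webhelper.plist (2016-06-18) [Support]
User Login Items:
Spotify Application Hidden (/Applications/Spotify.app)
"""

def launchd_jobs(report):
    """Return (section, status, plist, date) for each third-party launchd job."""
    jobs, section = [], None
    for line in (raw.strip() for raw in report.splitlines()):
        if line.endswith(":") and not line.startswith("["):
            # A new section header; only the launchd sections are of interest.
            section = line[:-1] if line in LAUNCHD_SECTIONS else None
            continue
        m = ENTRY.match(line) if section else None
        if m:
            status, plist, y, mo, d = m.groups()
            jobs.append((section, status, plist, date(int(y), int(mo), int(d))))
    return jobs

def changed_on_or_after(jobs, cutoff):
    """Jobs whose plist date is on or after the cutoff, newest first."""
    return sorted((j for j in jobs if j[3] >= cutoff), key=lambda j: j[3], reverse=True)

if __name__ == "__main__":
    CUTOFF = date(2016, 6, 16)  # constructed cutoff; use the day of the remote session
    for section, status, plist, when in changed_on_or_after(launchd_jobs(SAMPLE), CUTOFF):
        print(f"{when}  {section:<18} [{status}] {plist}")
```

A recent date is only a prompt to look at the item: software updaters rewrite their own plists, so each hit still has to be matched to something the owner installed.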

Jun 21, 2016 6:16 PM in response to suddenly.pineapples

EtreCheck version: 2.9.12 (265)

Report generated 2016-06-19 08:20:22

