You allowed a criminal to take control of your computer remotely. There are some steps you should take to make sure that it's safe to use.
Running any kind of "anti-virus" or "anti-malware" software is pointless. If I broke into a system and wanted to leave a back door, I could do it in a way that would be undetectable by those means—and I don't pretend to any special skill as a hacker. You have to assume that any intruder can do the same. For example, commercial keylogging software—which has legitimate as well as illegitimate uses—won't be recognized as malware, because it's not malware.
The only way you can be sure that the computer is not compromised is to erase at least the startup volume and restore it to something like the state it was in before the attack. The easiest approach is to recover the entire system from a backup that predates the attack. Obviously, that's only possible if you have such a backup. You will lose all changes to data, such as email, that were made after the time of the snapshot. Some of those changes can be restored from a later backup.
If you can't or don't want to restore from a backupl, then you should erase and install OS X. If you don't already have at least two complete, independent backups of all data, then you must make them first. One backup is not enough to be safe.
When you restart after the installation, you'll be prompted to go through the initial setup process for a new computer. That’s when youtransfer the data from a backup in Setup Assistant.
Select only users in the Setup Assistant dialog—not Applications, Other files and folders, or Computer & Network Settings. Don't transfer the Guest account, if it was enabled.
Reinstall third-party software from original media or fresh downloads—not from a backup, which could be contaminated.
The above being done, change all Internet passwords and check all financial accounts for unauthorized transactions. Do this after the system has been secured, not before.
