I am trying to clean a mac which has had it's contact list hacked. I at first thought that all the contacts were receiving mail because the mail had been hacked. Upon checking email headers it appears that the sender email address (ie that of the mac owner) is spoofed and the hackers seem to "merely" have a copy of the contacts list, and every email account configured on this mac. This contacts list isn't on any other machine, so it must have come from this mac. The only other guess I had was if some app was uploading the contacts somewhere and that company had been hacked (eg icloud), but icloud doesnt seem to be on this mac. I have scanned with Sophos, Malwarebytes and Avast. Just about to scan with Avira - nope Avira needs newer than 10.7.5 Sophos and Avast found lots of malware. Malwarebytes took about 3 seconds and found nothing. Not impressed with MBAM as it is great on Windows machines, waste of time on the Mac. Any suggestions?