My friends Macbook may be i serious trouble. Someone has tried changing his password on FB several times yesterday. He received a weird webhosting invoice by regular post coming from Germany to New York asking him to pay it through a website. The invoice seems to be from a legitimate webhosting company. He went to the website, which turned out to be a bogus chinese language website. Of course the invoice if fake and he never used their services. He entered his email there. Just an hour later someone tried changing his FB password. I am suspecting the worse. Want to help him as much as I can. I already asked him to disconnect from WIFI and bring the Macbook to me. Besides the obvious, such as changing email logins and passwords, we need to do a thorough scan of his Mac for malware. Any ideas or hints for a scan for Spyware, Keylogger and Virus, plus whatever else might be lurking?