Man I feel your pain. In fact I still do, it's turned this once confident PC user into a paranoid sissy.
5/29/16 @ 5am (computer left running, I'm asleep still) - I get a large purchase through ebay using the linked paypal. < ok maybe someone got my ebay password, changed that and paypal will reimburse
5/30/16 @ 5am (computer left running, I'm asleep still) - I get ANOTHER charge using the exact same method and means. < now I begin thinking to myself I have a trojan of some sort and begin scrubbing my pc, which honestly is futile in giving any sort of assurance it worked.
I also begin removing all saved passwords and information from chrome and transferring them to lastpass, which is a vault of sorts for your login info, that can be tied to a token authentication on your smartphone.
5/31/16 @ 6AM, (computer was on standby, woken up for early morning reading) I notice a teamviewer connection open with my mouse clearly being controlled by someone on the other end. To my horror I see them try to access my lastpass vault, as my phone is prompting the 2step authentication process. About that moment I panicked and yanked all computers from the internet and began the teamviewer uninstall process, and immediately changing ALL passwords I can think of.
After settling down and reviewing the teamviewer logs, I think I have their teamviewer ID which I will be forwarding to the authorities. Long story short, DO NOT store passwords in browsers, DO NOT leave teamviewer running unsupervised, DO use a complex password for teamviewer, and DO setup a 2step authentication process on your teamviewer account.
That guy better pray I never find him...