hackers got in even with a clean installation!

[Elixer]

You mean write zeroes to the drive? As when I sell drives on eBay? I can Google later but just want to confirm that's what you meant

This is what I mean: https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
I usually use a boot USB linux distro to do it.
For SSDs, it doesn't write all zeroes to the drive per se, it is a more complex operation that nukes it, but this operation is very fast, under 10 mins, usually instantly.
For HDs, it basically writes random data to the drive. Yes, it takes time, but this is the best way to nuke everything on it.
How big is the HD or SSD?

 

[luv2liv]

this secure erase is very interesting! learn something new every day. will have to try this when i get the chance. thank you!
my ssd is a Crucial 250gb.

 

[XavierMace]

Prior to Elixer's instructions, go into Chrome and remove/uninstall ALL addons/extensions/etc. Given you have all your passwords saved and no 2FA for PayPal, I'm suspecting you've got all of Chrome's syncing turned on too. Beyond the possibility of malicious extensions, there's non-malicious ones that could give him an avenue back in (Chrome Remote Desktop). Uninstalling them prior to formatting ensures they don't get automatically resynced when you install Chrome again.

Next, change ALL your passwords, not just your PayPal password. Again, they had full access to your computer and you have all your passwords saved which means they could have ALL your passwords.

 

[Elixer]

this secure erase is very interesting! learn something new every day. will have to try this when i get the chance. thank you!
my ssd is a Crucial 250gb.

Crucial has their own utility to handle secure erase, use that one.