I looked up the activity earlier, after I secured everything, and looks like the moron came back to check the account, and when he realized I changed the password, he started running his brute force program again, hitting the account every few seconds on a different server most probably, with a new IP address every time.

I'm actually glad he did that. It proved to me that the new password is actually safer, and confirmed what I was 95% sure about, and that is he didn't actually have any remote access to my PC.