My Father Granted Someone Remote Access To His Computer; What Should I Do

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by jrasicmark, Jun 14, 2016.

  1. jrasicmark

    jrasicmark Private First Class

    My elderly father was taken in by some kind of pop-up ad that claimed he had viruses when he was online. He clicked on it and filled out their form, so they called him, and before I was aware of any of this, he had granted them remote access to his computer.
    They are a company called Rhombus, located (supposedly) in Texas, although they all seem to have Indian accents. They got him to agree to pay them over $800 for continued technical support. They're supposed to send FedEx to his house today to pick up his check. I've told him I think it's a rip-off. That $800 tech support supposedly includes a lifetime subscription to Malwarebytes.
    I also turned off the computer so they can't get remote access without us knowing it and I told him not to touch it until I have a chance to look at it.
    I want to disconnect the computer from the router so they can't stop me from deleting the software they installed that allows remote access. They left a shortcut for it on the desktop so it can be easily found, but I don't remember the name of the software (I'm posting from work).
    Thing is, I don't really know what else they may have done to the computer. It may have files or software that is hidden and I'm not sure how to find it.
    I also noticed that our Wifi that I use to access the internet for my own PC, laptop, and tablets is down, so I can't get online. I checked, and it says I have access to a Wifi network (which seems to be a new one that isn't the one we usually use) but I still can't get online.

    So I'd like some advice on how to clean his PC of whatever he did to it and to re-establish our Wifi and get rid of the one they installed.

    Thanks
     
  2. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Welcome to MajorGeeks!

    Sorry about my first post - I have been up all night.
    *Do NOT pay any more money out on that scam!
    There is nothing that we can do for you & your Dad without logs to review.

    Regretfully,
    dr.m
     
    Last edited: Jun 14, 2016
  3. jrasicmark

    jrasicmark Private First Class

    Okay, sorry for the delay in posting the logs.
    Hitman and TDSSKiller didn't find anything and didn't give me any logs to upload.
    The "tech support" provided by this company supposedly includes a lifetime subscription to Malwarebytes Pro, so I used that version to run the scan; it didn't seem to find anything, though I've uploaded the log anyway. Since they provided it, I'm a little suspicious of it, so if you think I should uninstall their version and run a version of the software I downloaded from here, please let me know.
    It looks like they've installed AnyDesk as well as some kind of Tech Support shortcut on the desktop. I haven't uninstalled or deleted them yet; I figured I should wait to hear what you may see in these logs, if anything.
    Thanks.
     
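    A way to inventory what such a remote session left behind before deleting anything, as an added PowerShell example that is not from this thread or from any of the tools named in it. AnyDesk is the only product the thread names; the other name patterns and the helper function names are assumptions, and the script sticks to Windows PowerShell 2.0 features so it runs on the XP machine discussed in this thread.

```powershell
# Added example (not from the thread): inventory remote-access tools left behind
# after a "tech support" session, so they can be removed deliberately rather than
# by guessing. AnyDesk is named in the thread; the other name patterns are assumptions.
$Patterns = @('AnyDesk', 'TeamViewer', 'LogMeIn', 'GoToAssist', 'Supremo', 'UltraViewer')

function Test-RemoteToolName {
    param([string]$Text)
    foreach ($P in $Patterns) { if ($Text -match $P) { return $true } }
    return $false
}
$Findings = @()
function Add-Finding($Source, $Name, $Detail) {
    $script:Findings += New-Object PSObject -Property @{ Source = $Source; Name = $Name; Detail = $Detail }
}

# 1. Desktop shortcuts (the scammers left one): resolve each .lnk to its real target.
#    ALLUSERSPROFILE\Desktop is the shared desktop on XP, PUBLIC\Desktop on Vista and later.
$Shell = New-Object -ComObject WScript.Shell
$Desktops = @([Environment]::GetFolderPath('Desktop'), "$env:ALLUSERSPROFILE\Desktop", "$env:PUBLIC\Desktop")
foreach ($Dir in $Desktops) {
    foreach ($Lnk in Get-ChildItem -Path $Dir -Filter *.lnk -Force -ErrorAction SilentlyContinue) {
        $Target = $Shell.CreateShortcut($Lnk.FullName).TargetPath
        if ((Test-RemoteToolName $Lnk.Name) -or (Test-RemoteToolName $Target)) { Add-Finding 'Shortcut' $Lnk.FullName $Target }
    }
}

# 2. Installed programs, read from the Uninstall keys in both registry views.
$UninstallKeys = @('HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
                   'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
                   'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*')
foreach ($App in Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue) {
    if (Test-RemoteToolName ([string]$App.DisplayName)) { Add-Finding 'Installed' $App.DisplayName $App.UninstallString }
}

# 3. Services and running processes: a tool installed as an auto-start service keeps
#    unattended access even after the desktop shortcut is deleted, so these matter most.
foreach ($Svc in Get-WmiObject -Class Win32_Service) {
    if ((Test-RemoteToolName $Svc.Name) -or (Test-RemoteToolName ([string]$Svc.PathName))) {
        Add-Finding "Service ($($Svc.StartMode))" $Svc.Name $Svc.PathName
    }
}
foreach ($Proc in Get-Process) {
    if (Test-RemoteToolName $Proc.ProcessName) { Add-Finding 'Process' $Proc.ProcessName $Proc.Id }
}

if ($Findings) { $Findings | Select-Object Source, Name, Detail | Format-Table -AutoSize }
else { 'No known remote-access tools found.' }
```

    Run it from an elevated PowerShell prompt with the machine disconnected from the network, as the original poster planned; an auto-start service in the output is the entry to remove first.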

  4. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    :) Welcome back!

    Now re-run RogueKiller and run a scan. After it finishes the scan, select the following Registry tab and then select any of the below that exist and then click the Delete button.
    *Make sure you select the Click to Expand text ( if present ) at the bottom of the quote box to see the whole fix.
    Then immediately reboot your PC.

    After reboot, run a new scan with RogueKiller and save a log as in the original instructions and upload the new log.

    Now please download Junkware Removal Tool to your desktop.
    • Make sure to shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Note that JRT may reset your home page to a Google default, so you will need to restore your home page setting if this happens.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Upload JRT.txt to your next message.

    Next download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
    • Now click on the Report button...a logfile (AdwCleaner[S#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
    • Upload this log to your next reply.

    Please download ZHPcleaner to your desktop.
    • Close all applications (including your web browsers and antivirus)
    • Double-click on ZHPCleaner to run the tool.
    • If you are using Windows Vista, 7/8/10; instead of double-clicking, right-mouse click ZHPCleaner and select "Run as Administrator".
    • Please click the "J'accepte/I agree" button.
      • First press the "Scanner" button. Be patient, the scan takes longer than 5mins.
      • Then press the "Repair" button.
    • Browsers will automatically shut down.
    • A logfile will automatically open after the scan has finished.
    • Please upload that logfile with your next reply.
    Note: Your MGlogs.zip is very much incomplete. Didn't you wait for it to finish running before you uploaded the log? You must wait for it to tell you it is finished. And you must also accept the Trend Micro HijackThis license twice to get it to produce a log.

    Try running it again observing the above note.

    Upload all requested logs to your next reply.
     
  5. jrasicmark

    jrasicmark Private First Class

    Okay, I figured maybe I'd better start with trying to correct my mistakes from last time, since those scans were to be done first.

    I think my mistake with MGTools was because the window it ran in didn't open to the full depth of the screen. So when it paused in its scan, it did so just before the instructions that said to wait; it wasn't done yet. So I didn't see that and thought it was done.

    Your comment about Trend Micro HijackThis confused me because I couldn't find that software mentioned in the "Read and Run Me First" instructions. I thought maybe you meant Hitman instead? So I thought maybe I should try to run Hitman again to be safe, and then also run HijackThis as well. I'm sorry, I've been so tired tonight; I think it was Hitman that ended up deleting some files even though the instructions said to only include a log. I don't remember having to click either of them twice to accept the license, but they both provided a log anyway.

    I think I also misunderstood the RogueKiller instructions, because I exported a report after the first scan, and then after I rebooted and ran it again, it generated another report; the second one has the letter "b" at the end of the file name. So I'm uploading both. RogueKiller also gave me 2 error messages on both runs having something to do with a missing drive. I didn't know what they meant, so I took a screenshot that I am uploading. I clicked "continue" all 4 times it popped up and it kept plugging away.

    I think I got most of the other logs without any problems except for ZHPCleaner. Another odd error message popped up asking me if I had installed a server and I really wasn't sure and didn't know how to check that. I know we have a high speed internet connection with our cable, and it includes a Wifi connection, but I wasn't sure if it might have been one of those. I took a screenshot of the error message along with an open window showing our internet network connections which I will upload as well. But then I clicked "Yes" in the error message as if I had installed the server at least until I can find out for sure if it really is legitimate.
     

  6. jrasicmark

    jrasicmark Private First Class

    Here's more of my logs and errors since I've already gone above the 5 per message limit.
    roguekilererrormessage.jpg
    zhpcleanerservermsg.jpg
     

  7. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    :) There are no errors of major importance noted... you'll find another reply by morning dealing with what was found by AdwCleaner and what I find in the MGlogs.zip --> which on its own downloads/installs and runs HJT, whose log is also included in the zip.

    *Check that! ZHPCleaner is questioning a web setup/connection to an unknown source that's set up on your Dad's PC. Do you recognize it? Is that normal, or something that was set by that "remote setup" by the company called Rhombus? Frankly speaking, you had better know the answer to that!

    Peep in again by morning and I'll have another fix posted.

    How is the pc running, by the way?
     
  8. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Your Dad's machine is showing very little available RAM, as well as the security risk of running an outdated and unsupported operating system.
    Please uninstall if still present using Add/Remove Programs:
    QuickTime

    Using Windows Explorer, delete these files listed below:
    C:\Documents and Settings\Administrator\Application Data\APCUBDIR
    C:\Documents and Settings\All Users\Application Data\{81C0D032-4AF4-4CDD-9CBD-895523FE947A}
    C:\Documents and Settings\Administrator\Desktop\AnyDesk (1).exe
    C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    C:\Documents and Settings\Administrator\My Documents\Downloads\MGtools (1).exe

    I don't see anything else to do. How's the PC running?
     
  9. jrasicmark

    jrasicmark Private First Class

    I called our cable/internet provider and they told me that server is not one of theirs, so I ran ZHP again and told it so and it found a browser hijacker. I'll post the log, though that's all it seemed to find this time. I'll have to see if our Wifi is working now that I deleted the fake internet connection; if not, I'll have to call their support to hook us up again. Oh, and I almost forgot; both yesterday and today, when I ran ZHP, I got a message during the scan that ZHPCleaner.exe was corrupt and that I should run system check. I was so tired yesterday, I forgot to mention it. I'm hoping it's just a false flag that happens as a result of the scan?

    I also deleted everything you mentioned above except for the 3rd one from the top between brackets. I couldn't find that one even when I did a search, and I do have hidden files and folders activated.

    The PC seems to be running okay, considering how old it is. I actually think it's running faster than it was, though. I know XP is old, unsupported and vulnerable, but my folks don't want to spend money to upgrade, and they're already challenged trying to work with this outdated system without having to upgrade to something even more advanced.

    He actually even ordered a "Wow!" PC made for seniors, which is supposedly easier to understand, but they can't remember how to turn it on so they never use it. I did some checking, and it looks as if the "Wow!" actually has Linux running it all under the hood, so I think it might be somewhat less likely to attract the attention of hackers. If only they would use it :)

    Here's the ZHPCleaner log. I added a 3 to the end of the filename because I thought I had saved 2 previous logs for it in the same location yesterday, but it was only the one.

    Thanks again for all your help!
     

  10. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    :cool: We've made a great deal of progress.

    Some of the tools that I had you use over-lap a bit, and I did that for redundancy of removal.

    The only thing that is needed now is to give you our standard "Final Cleanup steps" which follows:

    Your logs look good! If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase it, it provides no protection. It does not use any significant amount of resources (except a little disk space) until you run a scan.
    2. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    5. If running Vista, Win 7/8 - it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Go to add/remove programs and uninstall HijackThis.
    7. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    8. If you are running Win 7/8, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    9. After doing the above, you should work through the below link:
    Safe surfing!
     