Sounds like a classic phishing hack to me. They tend to proliferate on "dubious" - i.e., not family-friendly, or X-rated websites. My kids have inadvertently stumbled on such websites and got the "phone this support number to fix the problem" display, so I raised the security bar to block them out. I have also had to fix these "phone this support number to fix the problem" scams on a couple of friends' computers.
There have been some arrests recently of Indian-based hacker teams where they hack these faux "alerts" on your PC when you visit their websites, or randomly and systematically call phone numbers in another country, claiming to be Microsoft support, and say they "noticed a problem on your computer". There are many more of these scam operators not yet discovered/arrested and still operating their scams.
This scam happened to a friend of mine a few weeks back and I advised him to string them along until they gave up - which he did, and enjoyed it too. I later got a call from a similar scam outfit on my mobile phone, so I carefully probed and established that they didn't know I had a laptop:
- Me: "Oh you mean my desktop PC? It's a really good DELL 2020 [made that up] computer - thankyou for calling, I didn't realise that it had a problem."
- Scammer (in a thick Indian accent): Yes sir, that is it. It is a good computer. The error report shows it has a disk error that may be virus (sic) and needs to be fixed urgently."
They did not know my name so I told them it was "Frank" and figured it had to be a random phone call, or they had found the number from hacking someone's email account or mobile phone, where they happened to have my number in their unnamed contacts list.
However, if your Dad has already succumbed to the scam - and it looks as though he has, if they have already installed Teamviewer - then they will probably have Admin rights and absolute control and full access, so they could have done anything by this belated stage, including inhibiting Malwarebytes.
So, you probably should rather urgently isolate his PC from the Internet, and treat the hard drive forensically with Malwarebytes. Attach the PC's drive as an external hard drive to another computer which is already installed and running Malwarebytes, including their anti-ransomware software.
You will also have to identify and expunge all traces of their software/data footprint on the disk.
If he has his bank account or credit card details in clear (i.e., not encrypted) somewhere in a file on the disk, then advise the banks concerned ASAP and get them to temporarily block/change the accounts whilst the passwords/PINs are being changed.
If they also had access to his social security ID information, then they potentially could have committed identity theft, in which case, be prepared for a great deal of pain to restore ownership.