Deleted

Get a Linux USB stick together and boot that for a look around. Should be minimal risk.

you could always unplug the internet cable. Without internet, there is nothing he can do and you'd be able to check for any newly installed apps though I would suggest to call a technician at that point.
And yes the hacker probably uninstalled your antivirus and/or firewall to install another one which would actually give him more control over your pc.

She can turn it back on without internet access (disconnect the cable or, if she's on wireless, disconnect the router) and then you can walk her through turning off remote access and running an anti virus. It's possible he could have placed something, it's also possible that popup had already placed something hard to know without more info.

Well, probably it was easy for him to put some nasty stuff there since he had complete access, it depends on how fast she cut him off. Better restart the PC without internet access and help her check (antivirus/anti malware scan) for newly installed stuff, maybe even do a restore to an earlier backup if it's Windows.

Edit: slow typing, so others already suggested the same thing. Anyway, good luck in helping her.

My god, these parents...
mine are the same

Only way to be 100% sure is to format and reinstall. Change all internet-related passwords. These guys get in and scrape your saved passwords in browsers for bank account into and stuff. They will also try to "help" again (for a fee) usually now that you're a known sucker (no offense). There's really no telling what they've done or are planning to do.

If she makes regular backups of her computer you could restore from the most recent one. I'm guessing she is like most people and doesn't have a backup, though.

Depending on the OS there might be older snapshots (system restore, etc) that you could roll back to.

Otherwise be sure to do virus & malware scans, disable remote desktop/remote assistance, remove anything suspicious looking (LogMeIn, weird user accounts, etc). If your mom is like my mom she just uses a web browser and might have some Word documents and that's about it... so it should be fairly easy to start over if you back up her documents and settings. And definitely set her up with adblock at a bare minimum.

Good luck :)

Turn on the PC without internet connection and then I would probably just wipe everything. Also change passwords when you're on a fresh install.

Best option in my opinion is to reinstall all... So, u need take usb flash drive with installed OS and connect it to PC. Turn on PC and enter to BIOS to set flash usb driver as first boost driver. In this case PC will run OS from usb flash drive and all process of infected OS will be stopped. This give u ability to transfer all important personal data to other driver (like other big usb flash driver or ssd or cloud or anything else). It's best way to reinstall OS on PC. Also, u could run PC by OS from usb flash drive to clear PC's OS but it could very-verd hard cause violator could hide own "micro"soft anywhere include OS's directories.

Since everyone else already gave good answers, I'll suggest something that helped my fellow friends. First, you should feed your PC. I'd suggest a diet of donuts, along with at least one oil drink per day. Next, you should fill a trash can with milk and dump it in. Make sure all the milk gets inside the PC, it'll work as a freshener and a bath. Once done, buy a new PC, make sure it possesses an anti virus software, a virus and a NES port, then smash both PCs together, before strapping it on a rocket and then buy a console and strip it. Strip it down to the very wires and create a bomb. Once you blow up the rocket holding both PCs, take the remains and build a new one. The new one should have access to the hacker's computer and dick, so you can control his sexual urges and his computer. Once done, you can now use his computer to hack other computers. Good luck!

Why am I not surprised it's the parents that fall for this

Despite all the people saying turning it on without internet access is safe... it is NOT. That person could have already installed a software to encrypt (or just destroy, but that's a bit stupid on their part) all the data and ask for a ransom to get the decryption key. Encryption takes time so in less than 5 minutes it hasn't done much yet (although it's probably already too late for your documents folder: high chance of small files containing important stuff, so the first place is going to be encrypted). Turning it on will just allow to continue the encryption process. So boot it with some boot usb stick (there are various linux distros that are designed to boot from a usb stick) and copy all the important stuff there.

After that it's safe to boot it without internet access since you no longer care if does anything to your data. You can then progress scanning everything and looking for anything suspicious. The safest bet would be a format of the system drive and re-installation of the OS.

so calling a number could get your PC hacked?
Sorry if I misunderstood this part

That depends, these people are not hackers, but scammers.

I suggest you to show Kitboga to your mom. http://www.twitch.tv/kitboga