Apprent Ransomware Attack On Colleague's Laptop

Helping out a colleague who's unfamiliar with PCs (she's a Mac user) with an apparent Ransomware attack on her personal laptop.

From some other chatter online, this seems to be a known problem, the "(855) 267-8490 popup" It warns of a need to call that number because of a serious defect with Microsoft Edge and warns she must not reboot or turn off the system.

Assistance with removal welcome. Thanks in advance.

 

She called, but I handed her a piece of paper warning her it was a scam. She at first thought I was paranoid. Then they started talking about connecting her to their server. At that point she said she'd have to call them back and hung up. But presumably they now have her cellphone number. They have not called back and she isn't planning to call them again. No ransom demanded so far. She is unable to do anything with her browser, it's totally locked up. She has no security protections installed as far as I can tell. Is there a good way to tell exactly which malware package she has?

 

So, we went through the steps as far as Malwarebytes (which found and cleaned 37 threats including two Malware items and a lot of PUPs) and Roguekiller (found at least 1 item, with Hkey in the name), but the system locked up while running Roguekiller. The system was totally unresponsive. She rebooted and the system is now failing to fully boot. This is a SurfacePro4 which has a facial recognition lock; it is now failing to recognize her, so she is unable to advance past that screen. Specifically, the camera used for the facial recognition is not coming on following the reboot.

 

She had to leave for the day and left the computer with me, but I don't know her passwords (or have her face to be recognized). Won't be able to try this until Monday morning, so we'll back to it then.