What to do when your PC or Mac is infected with a virus or malware

Written By David Simmonds

Next Steps PC or Mac is infected with a virus or malware

A malware or virus scare is stressful, but staying calm and following a few simple steps makes a big difference. This guide tells you what to do (and what not to do) right away, how to preserve evidence, and when it’s time to call an IT professional like Optimised Computing for an on‑site visit in Herefordshire.

First things first — don’t panic, don’t follow on‑screen instructions from popups

If a scary popup demands payment, or a message commands you to “call this number” or “install this tool”, ignore it. These are almost always scams that make the problem worse.

  • Never pay money or give remote‑access codes to strangers. Paying does not guarantee recovery and encourages further attacks.

  • Don’t try dramatic fixes you’ve never used before (random registry cleaners, unfamiliar “anti‑malware” tools from popups). Well‑meaning but incorrect actions can destroy evidence or make recovery harder.

Immediate steps to limit damage (do these now)

  1. Stay calm and note what you see

    • Take a photo or screenshot of any error, ransom note, or unusual message.

    • Write down the exact text, filenames, or phone numbers shown.

  2. Isolate the device

    • Disconnect from the internet: turn off Wi‑Fi and unplug Ethernet.

    • If it’s a laptop, remove any attached USB drives and external hard disks.

    • If you manage a home or small office network, switch the router to off or disconnect the affected device physically.

  3. Don’t restart if a ransom message is present

    • Some ransomware uses temporary memory to display info; restarting can trigger encryption or lock further. Leave the device powered on unless instructed otherwise by an expert.

  4. Turn off shared services

    • If the device is logged into cloud storage (OneDrive, Google Drive, Dropbox), sign in from another safe device and temporarily pause syncing if possible to prevent infected files syncing to the cloud.

  5. Preserve evidence

  • Don’t delete files or run disk‑cleaning utilities.

  • If you have simple backups, note when they were taken; don’t attempt to restore yet without advice.

What you should avoid doing

  • Don’t follow phone numbers, websites, or software links shown in malware popups.

  • Don’t run random “free” tools suggested by search results; they can be fake or harmful.

  • Don’t log back into sensitive accounts (banking, email, work apps) on the infected machine.

  • Don’t try to reinstall the OS unless a professional recommends it. Reinstallation can destroy traces needed for recovery and may not save encrypted files.

Quick assessment checklist to prepare before calling a technician

Have this information ready when you contact Optimised Computing — it speeds troubleshooting and helps us plan an effective visit:

  • Device type and OS (Windows 10/11, macOS, Chromebook, etc.).

  • Symptoms and exact text of any messages or popups (photos help).

  • When the issue started and what you were doing just before.

  • Whether you have recent backups and where they’re stored (external drive, cloud).

  • Any attempts you’ve already made (reboots, antivirus scans).

  • Is the device critical to business operations (shops, charity admin, school work)?

When to call Optimised Computing (and what we do)

Call us if any of these apply:

  • You see a ransom note or demand for payment.

  • You can’t access important documents or email.

  • You suspect data theft (unexpected password reset emails, unusual account activity).

  • Multiple devices on your home or office network are affected.

  • You don’t have a clean, recent backup.

What Optimised Computing offers on an on‑site visit in Herefordshire:

  • Safe isolation and forensic triage — we preserve evidence and identify the malware type.

  • Secure offline backup of recoverable files where possible.

  • Cleaning and removal of malware using validated tools and tested procedures.

  • If needed, secure reinstallation and restoration from clean backups.

  • Help with account recovery, password resets, and securing other devices on your network.

  • Practical advice and setup: scheduled backups, router hardening, multi‑factor authentication, DNS filtering, and staff/family guidance to prevent recurrence.

Preventive services and recommended follow‑ups

  • One‑off harden & restore: malware removal, updates, and basic hardening.

  • Monthly maintenance: scheduled checks, antivirus management, and backups.

  • Network hardening visits: router firmware, guest Wi‑Fi, device segmentation.

  • Staff/family training: short sessions to teach spotting scams and safe habits.

Local reassurance and how to book

Optimised Computing provides same‑week, on‑site visits across Herefordshire (Hereford, Ledbury and surrounding villages) to get you up and running quickly and safely. We work with charities, clubs, small businesses and homes to secure devices without jargon.

David Simmonds
Next

Focused on AI Threat & Local Herefordshire Help