Never shutdown or reboot the computer, because it is important for keeping access to the memory where malwares leave traces of their presence and action.
Do not perform a malware/viruses scan, because this action can destroy relevant data.
Isolate the computer from LAN immediately. This action can be performed either by unpluging the cable or, in case of being using WiFi, disassembling the device through hardware (by pressing ALT-F2).
Do not format disk or delete files - again, it may erase important data to our analysis.
Never, never restore any data backup if you are not 100% assure of being restoring a clean backup. The big risk is to infect the backup set and, once more, your system.
Finally, you must NEVER consider the Information Security team as true Malware Analysts. In these cases, it is common to see people insisting in fixing the problem, but causing bigger malware spreading effects through the LAN to other computers.