I think the layman expected there was some character of a pathologist to my job. Like I would understand or diagnose that they had porno ransomware X on their system and the only solution was to do computer thing Y.
In reality, of course, regardless of the malware, I would just help the person back up all the data and configurations we could. Use a virus scanner on the backups, and reinstall their OS. How they got the malware was completely irrelevant, and I actually preferred not knowing. With a bit of experience I learned to preempt any detailed explanations by just stating my plan early and being clear that it didn't matter how they found the malware.