emPSN - East Midlands Public Services Network 01604 879869
Back to Knowledge Base
Malware Removal

Malware Removal

As reference for remediation against malware or suspected malware please see the updated information below along with resources for potential removal.

*NEW* for September 2019 – We can now offer members use of Malwarebytes cloud console at no cost allowing your school to save – https://www.empsn.org.uk/services/malwarebytes/ 

Further assistance is available to empsn customers through the support@empsn.org.uk mailbox.


Suggested Remediation

Review the host to assess any immediate signs of issue or concern, legacy configuration or otherwise – this is the most likely issue with the host. Include system and application log files for errors or suspicious activity. If you suspect Malware a suggested approach could be:

  • Do NOT Panic – keep a clear mind and work through what you need to do
  • Isolate the host from the network and scan it for malware.
  • If malware is found, either attempt to remediate the infection with anti-virus software, or format the hard drive and reinstall the operating system and all applications from known, good media.
  • Ensure that the host has the latest patches and updates installed. This especially applies to Oracle Java, Macromedia Flash Player, Adobe Acrobat/Reader, any browsers (Internet Explorer, Google Chrome, Mozilla Firefox, etc.), and the operating system itself.


Further Advice

  • If you require additional assistance during the containment, eradication or recovery phases of this process, please note that empsn is available (support@empsn.org.uk) to advise further and has access to a highly trained Incident Response team that can be consulted as part of the empsn service.
  • If the host(s) have been used to access online banking resources, we would strongly recommend that the passwords are updated.
  • Please advise users to only open attachments from known or trusted sources, particularly where the attachment contains Macros or executable code. Emailed macros and programs should ONLY be run if you are certain you know where it came from and what it does – enabling macros could infect your machine.


Resources and Tools

Example Malware detection / removal tools for your considered use – others are available, detection and removal is not guaranteed.

Other sources of information and guidance please visit

Back to Knowledge Base