What is the name of the malware? Ironsource Installcore is a perfectly genuine entity but the name of the malware might be more useful.
The latest I've seen is one disguesed in a flash setup file, generating a purbrowser variant.
C:\PROGRAM FILES (X86)\CLEARTHINK\BIN\CLEARTHINK.PURBROWSE64.EXE
Threat Name: 3892 Threat Type: open_with_terminate,open_with_mo Action Taken: Blocked Target Distinguished Name CN=INFORMATION TECHNOLOGY SYSTEMS, OU=IT, O=INFORMATION TECHNOLOGY SYSTEMS, L=PODGORICA, S=MONTENEGRO, C=ME Target File Name ADOBE_FLASH_SETUP.EXE Target Fingerprint 0e73676e390c2219cb207da8caa0213f Target Organization Name INFORMATION TECHNOLOGY SYSTEMS Target Path C:\USERS\DKLKB\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\8CCJYVX0\ADOBE_FLASH_SETUP.EXE
Not sure in that case especially as you are using Enterprise as things are handled differently from the Consumer side, where I help out. Support may have ideas on blocking it. Meanwhile hopefully someone with corporate experience will spot this.
I was hoping there was a specific known malware name and I could point you to a removal guide, sorry to waste your time.
There is one removal guide for Clearthink Adware: How to remove ClearThink Ads (Virus Removal Guide)
Meanwhile be very careful what you download and where from, watch out for optional extras attached to the download that you don't need.