Existing Script used to direct Yahoo user to malware

I'm an administrator for a library and find that users accessing yahoo for mail are redirected to one or more malware sites which are subsequently blocked by our blacklist. This seems to happen for all users but not necessarily all computers. Is there a way to delete identify the script in question or to stop scripts from running? Perhaps there is a better location to post this topic?
Logg inn eller Registrer deg for å kommentere.