Are you sure that's all?
Check .htaccess for similar instructions
RewriteCond %{HTTP_USER_AGENT} (android|midp|j2me|symbian|series\ 60|symbos|windows\ mobile|windows\ ce|ppc|smartphone|blackberry|mtk|bada|windows\ phone) [NC] RewriteCond %{HTTP_USER_AGENT} !(accoona|ia_archiver|antabot|ask\ jeeves|baidu|dcpbot|eltaindexer|feedfetcher|gamespy|gigabot|googlebot|gsa-crawler|grub-client|gulper|slurp|mihalism|msnbot|worldindexer|ooyyo|pagebull|scooter|w3c_validator|jigsaw|webalta|yahoofeedseeker|yahoo!\ slurp|mmcrawler|yandexbot|yandeximages|yandexvideo|yandexmedia|yandexblogs|yandexaddurl|yandexfavicons|yandexdirect|yandexmetrika|yandexcatalog|yandexnews|yandeximageresizer) [NC]
Check all javascript that is loaded by your site. It is possible that the installation of the virus was carried out through the introduction of code into JS files or it was trite in the html code of the page <script type="text/javascript" src="http://example.com/xxxx.js"></script>
. It is also possible to install the code in php files, but here it is necessary to analyze the source codes.
In general, the algorithm for checking whether your site is infected is as follows:
- look at .htaccess
- look at what files are downloaded from the network when accessing the site
If everything is clean, then with a probability of 90% your site is clean. The remaining 10% fall on those who have the virus loading registered in php files.

So just do not place ads from this advertiser on the mobile version of the site. For example, register on wapstart and use only their ads on the mobile version.

Do you want to use this solution?
www.tapatalk.com/