How to Fix Google Ads Disapproved Due to Malicious or Unwanted Software

Fix Google Ads Malicious Software

Were your Google Ads just disapproved after a website compromise? Or, are you seeing policy violations for malicious or unwanted software in your Google Ads account? In this article, we’ll dive into why Google suspends ads and accounts when it detects ad network abuse — and outline the steps you can take to identify malicious code, remove malware from your site, and get your promotions back up and running.


Preventing abuse of the Google ad network

It’s estimated that 99% of sites who advertise use Google Ads to generate revenue and bring in traffic. That’s a hefty number of websites who leverage the popular platform to publish and serve ads.

And while most webmasters are keenly aware that a website hack can significantly impact a site’s revenue and organic search rankings, malicious or unwanted software can also affect your ability to run ads on Google and other advertising platforms.

Your Google Ads must be trustworthy and relevant — this policy applies to your website as well. If Google detects that your website is serving malware (even inadvertently or without your knowledge), your ads will be disapproved and your account could be suspended until the problem is fixed.

Google Ads uses strict policies to ensure that all advertisements are trustworthy and relevant. Any deviation from these policies will show as policy violations — which means your ads will be rejected if they’re not compliant.

If Google notices one of your ads is abusing the ad network, the ad will be suspended until the error is corrected. So, if your ad was recently disapproved due to malicious software or a website compromise, you’ll need to identify and clean up the malware from your site before you appeal and submit the ad for approval again.

Google Ad disapproved due to malicious or unwanted software with appeal button

What is malicious software?

Google defines malicious software as follows:

“Malware” is software that aims to harm or get unapproved access to a computer, device, or network.

Malware exhibits malicious behavior that can include installing software without user consent and installing harmful viruses. Webmasters sometimes don’t realize that their downloadable files are considered malware so that these binaries might be hosted inadvertently.

Google’s process for malware detection is automated. It aggregates data from many sources to pick up any malicious content. Factors include content, geographic areas, and web technologies in use.

Some examples of malicious software that could result in ad account suspension include:

TypeHow It Works
AdwareAutomatically displays or downloads unwanted advertisements on the victim’s system.
SpywareSpies on the victim by gathering information about native apps, browsing history, and other user behavior.
KeyloggersRecords any and all keystrokes or keypad entries on a device, including cell phones, laptops, or tablets.
TrojanDisguises itself as legitimate or desirable software to gain unauthorized access to the victim’s system.
RansomwareDisables or restricts a victim’s access to data until a ransom is paid.
Mobile MalwareSoftware that infects a mobile device.
RootkitsAllows an attacker to gain control and remote access to a device.
WormsSoftware that spreads through a network or environment by reproducing itself.
Fileless MalwareExploits a legitimate program to infect a computer.
Malicious RedirectsUnexpectedly redirects users to unknown malicious third party websites.

If you need more information on this topic, you can read more on what Google determines as malicious content and malware in their Google Search documentation. You’ll also find their process for malware detection documented in the Transparency report.

What is unwanted software?

Google defines unwanted software separately from malware. Unwanted software is defined as any software application that your website or application links to (or hosts) that engages in deceptive, unexpected behavior or negatively affects a user’s browsing experience.

Some attributes of unwanted software may include software that:

  • Is difficult to remove or contains dark patterns/deceptive design patterns.
  • Fails to inform user about all of it’s functions.
  • Impacts the user’s system in an unexpected way.
  • Comes bundled with other undisclosed software.
  • Collects and transmits sensitive user information without disclosure.

For further reading and more examples, you can check out Google’s official Unwanted Software Policy.

Why are my Google Ads disapproved due to malicious software?

There are a number of reasons why your ad might be disapproved by Google due to malicious or unwanted software, including:

  • Malicious code, programs, or custom scripts. Your ads will be suspended immediately if Google detects malware on your website or landing pages. Any custom scripts that are referencing malicious domains or code could lead to Google flagging your ad.
  • Bundled software without consent. Some bad actors try to include or “bundle” additional software to download from a landing page. Google takes this malicious practice very seriously and bans ads that are found to download or include software without consent.
  • Custom scripts on your landing page redirect to malicious content. That includes redirects that pass users from your landing page to another malicious website.
  • Automatic downloads occur on your landing page. Google requires software downloads to start only once the user has consented by clicking the download button. Having any kind of automatic download on your landing page is certain to get your ad disapproved.
  • Form fields invite the visitor to submit sensitive information. Requesting sensitive information from visitors like Social Security Numbers or bank account details on your landing page is a surefire way to get your ads disapproved.
  • False representation of expected content. Any ad that has the word “Download” or “Play” without identifying which software it is advertising will be rejected.
  • Malicious redirects to unexpected content. For example, if your ad mimics the appearance of the publisher’s website and claims to play a video but instead leads to a software download, it will be disapproved.
  • Website images contain malware or embedded code. Google may flag images that are known to contain anything malicious.
  • Changes are made without consent. This is never tolerated in Google Ads. Consent needs to be acquired before making any changes to the user’s browser, permission levels, or system.
  • Software is difficult to uninstall. If Google identifies that software downloaded from your landing page contains complex menus or is not possible to uninstall without a third-party tool, your ad will be disapproved.

This list is not exhaustive, however. Google may not always be able to provide you with explicit explanations for the ban or disclose exactly how they detected the malicious content. But if any of these issues are present on your website’s landing pages, it’s likely that your ads will be disapproved by Google and your account suspended until you submit an appeal.

Google Ads policy approval status disapproved due to malicious or unwanted software

So let’s dive into some of the ways you can fix the problem and get your ads back up and running.

How to fix malicious or unwanted software warnings for your website

There are a number of steps you’ll need to take to find, fix, and remove malware from your website landing pages.

1 – Check for recent website changes.

Firstly, you’ll want to scan your website to identify any changes that were made around the time when your ads were disapproved. That includes modifications to core CMS, source code, plugins, themes, or files that may have been made close to or before the date of your disapproved ads.

2 – Check Google Search console to see if your website is blocklisted.

You can check the Google Search Console to find reports of blocklisting or any issues. Refer to our guide for more information on how to fix blocklisting by Google.

3 – Scan your website for malware.

Scan your website remotely and at the database and server levels to identify any indicators of compromise.

Scan for malware with SiteCheck

If you use WordPress, some plugins can help you analyze your site for malicious content. This is much faster than manually analyzing code.

4 – Repair the infected files.

After you have located the malware on your website, thoroughly clean up the infection to get your site back to a state that is free of malicious behavior or software.

If you need a hand, check out this video with step-by-step instructions on how to cleanup malware from a hacked WordPress website.

And if you don’t want to clean up the malware on your own, Sucuri offers malware removal services to help you quickly restore your site.

5 – Prevent reinfection and harden your site.

Thoroughly check for and remove website backdoors to prevent reinfection. Be sure to also implement website hardening techniques to reduce the risk of a malware re-infection so it doesn’t come back.

6 – Optional: Contact Google Ads Support for more information.

You can contact the Google support team to receive additional feedback about your suspension. This is perhaps the best option if all the other remedies have been exhausted. You can speak with a real person and troubleshoot the problem.

Remember — once the hack has been addressed, you’ll still need to submit an appeal to Google and then resubmit your ads.

Contacting Google and addressing a suspended Ads account

If your Google ads are suspended, there could be the possibility of a malware infection. If you believe it’s a mistake or have already cleaned up the malware infection, the next step is to check their help center and contact the Google Ads team directly. From there, you can submit an appeal using the “Contact Us” link in your Ads account.

You can contact Google Ads support with either of the following steps:

  1. Click on the Help button from the top nav and then select the Contact us button at the bottom of the menu.
  2. Call Google at the toll free number found on the official Google Ads Contact page.

Contact Google Ads support
Once you get in touch with a support representative, make it clear to them that your business is legitimate and that you are serious about your website and ads. After that, you must inform them of the violations in your ad and what you have done so far to solve the problem.

Ensure that you give them all the details so they can clearly understand your predicament. After you have followed these steps, you’ll need to wait for them to rectify the issue. It will often take a few days to be processed and fixed.

How to fix disapproved ads due to malicious or unwanted software

If you’ve addressed the issue on your website and your account isn’t completely suspended, you can follow these steps to fix any ads that have been disapproved by Google:

  1. Open Google Ads – Click on Notifications on the top of the navigation.
  2. Under the Ads Disapproved notice, click Fix it. How to fix google ads disapproved malicious software
  3. In the Status column of the ad, you will see the reason for the suspension. Hover over the Disapproved status to view the link to the explanation of the policy.
  4. Select the disapproved ad using the checkbox.
  5. Click the Edit button and Appeal policy decision.
  6. Under Reason for appeal select Made changes to comply with policy.
  7. Click Submit to complete the appeal and submit your ads for review.

Google Ads policy violations appeal to comply with policy affected ads in the group

Keep in mind that you’ll need to fix the malware before appealing. If Google identifies that you’ve appealed multiple ads and the issue hasn’t been resolved, you may be limited in the frequency you can appeal policy decisions.

Most ads are reviewed within one business day, but it could take longer if they require a more complex review.

Sucuri can help with malware clean-up. Contact our team if you need help removing malicious code or unwanted software from your website.

How to prevent malicious or unwanted software from impacting your Google ads

The most common reason for a website being flagged for malware by Google is that your website has been hacked. Therefore, the most important thing to do to prevent your ads from being taken down due to malicious or unwanted software is to prevent a hack from occurring in the first place.

To accomplish this, implement website hardening techniques to reduce the risk of a malware infection.

Some steps to harden your website include:

Key takeaway: Secure your website to prevent malware and policy violations

While Google Ads is used by many webmasters to increase profitability for their site, even the best ad campaigns will be useless if suspended due to malware. And you definitely don’t want to pay tons of money for ads only to have your visitors spirited away to some other malicious website. Google has very strict regulations when it comes to advertisements, so it is essential to keep your website free of malware to ensure your ads are not disapproved.

By using a web application firewall, you can help mitigate risk from attackers with virtual patching, which can prevent hackers from targeting known vulnerabilities on your site. It will also help you filter out malicious traffic before it ever lands on your site.

If you’ve identified that your website has already been hacked or has malware and you need a hand cleaning it up, our highlighly skilled website malware analysts are here to help.

Get help removing unwanted software

You May Also Like