How to Fix Google Ads Disapproved for Malicious Software

When Google disapproves your ads or suspends your account for “malicious software”, it can feel overwhelming — campaigns stop, sales decline, and, most importantly, revenue takes a hit. However, with the right steps, you can identify malicious software, clean up your site, and get your Google Ads running again.

As Google Ads policy, “malicious software” (often called malware or unwanted software and compromised site) covers anything that harms users or puts them at risk: hacked pages, injected scripts, forced downloads, deceptive installers, phishing, or sneaky redirects. Google applies this not only to the ad but also to the final landing page and anything it loads (scripts, iframes, CDNs, third-party forms) and even subsequent redirects. If Google detects risky behavior anywhere in that chain, your ad (or account) can be blocked.

In this guide, we’ll walk you through a step-by-step process to fix Google Ads disapproved for malicious software. You’ll learn how to detect and remove malware, submit a successful Google Ads appeal, and protect your account from future suspensions — so your campaigns stay active and your business keeps growing.

What Does Google Mean by “Malicious or Unwanted Software” (or “Compromised Site”)?

Google prohibits ads that distribute or link to malware or software that behaves deceptively or harms users.

• Malicious software includes anything that tries to gain unauthorized access, steal data, or damage devices.
• Unwanted software is software that behaves in unexpected ways (e.g., bundling without clear consent, hard-to-remove toolbars, misleading installers). These rules apply to the ad and to every destination the ad touches (landing page, redirects, third-party scripts).
• A compromised site is a website whose code has been altered without the owner’s knowledge to serve a third party’s interests — often putting visitors at risk.

Here are Google policy violations with respect to Malicious Software, Unwanted Software and Compromised Sites.

Malicious Software

Intentional distribution of malicious software or “malware” that may harm or gain unauthorized access to a computer, device, or network is not allowed.

Unwanted Software

There is no clear description of the product in your ad or a landing page.

Failing to disclose the full implications of installing the software to the user is not allowed.

Compromised sites

Destinations which are hijacked and hacked are not allowed.

Common Reasons for Google Ads Disapproval

1. Hacked or compromised site: Attackers inject JavaScript, PHP backdoors, hidden iframes, or link injections. Visitors may be redirected to spam or phishing pages, or silently forced to download files.
2. Outdated CMS/themes/plugins: Old WordPress, Joomla, Magento, or plugins with known vulnerabilities get exploited, leading to code injection or redirect chains.
3. Third-party scripts gone bad: Ad tags, analytics, chat widgets, CSS/JS CDNs, or font/CDN links can be hijacked or replaced upstream. Even benign tools can be flagged if they load risky endpoints.
4. Misleading download buttons or installers: Design patterns resembling “Download” that lead to unwanted software can trip policy even if your intent is honest.
5. Cross-site contamination: If your landing page pulls assets from another domain (your CDN, an image server, or a marketing tool) and that domain is compromised or blocklisted, your ad may still be disapproved.
6. Bad redirects: Server-level rules (.htaccess, Nginx), JS-based redirectors, or malicious meta refreshes can send some users (often mobile or specific geos) to harmful destinations.

Understanding these patterns helps you target your investigation and fix the root cause — not just the visible symptom.

How to Fix Google Ads Warnings: Malicious Software, Unwanted Software, or Compromised Sites

Here’s an exact step by step action plan to fix disapproved Google Ads. Follow each step carefully and don’t appeal until you’re confident that the site is clean.

A. Carefully Plan Everything

Before attempting to fix your disapproved Google Ads or suspended account, take a moment to plan your approach. Get a complete understanding of the problem at hand and act responsibly.

1. Check the details: Review Google’s email and your Google Ads dashboard to understand why your ads or campaigns were disapproved. Identify whether it’s an ad-level disapproval or an account-wide issue.
2. Hold off on appeals: Do not submit an appeal yet. Multiple failed appeals signal to Google that the problem persists and can slow future reviews.
3. Freeze changes: Avoid making major site updates or mass ad edits until the issue is fully investigated. A stable environment helps ensure accurate diagnostics.
4. Document everything: Keep a detailed log of scans, fixes, and changes. This documentation is essential for a successful appeal to Google Ads.

B. Scan Your Website for Malicious Software Causing Google Ads Disapproval

After carefully planning your approach, the next step is to thoroughly scan your website for malicious software or compromised elements. Detecting the root cause is essential before attempting fixes or submitting a Google Ads appeal.

Key actions:

1. Start with Google Search Console: Log into your Google Search Console account and navigate to Security & Manual Actions → Security Issues. Check for warnings such as malware, phishing alerts, or other security problems. Google often provides details about affected pages, helping you narrow down where to focus your cleanup efforts.
2. Run Online Scanners: Free online scanners like Sucuri SiteCheck, Malcure Webscan, and VirusTotal can quickly highlight visible malware, suspicious redirects, or hidden scripts. While these tools might not detect every issue, they are a great starting point for identifying infections in your site’s source code. After this preliminary check, you will need to run a server-side scan to thoroughly examine the database and file system on your server.
3. For WordPress Sites: If your site runs on WordPress, security plugins such as Wordfence, Malcure Malware Scanner, or Malcure Security Suite are highly effective for detecting and removing infections and malware. Perform a full site scan to detect modified core files, malicious content in the database and file system, suspicious PHP scripts, unauthorized admin accounts, or backdoors that hackers may have left.
4. Manually Inspect Critical Files: Even after running server-side scans, it’s important to manually review key files such as .htaccess, wp-config.php, and robots.txt. Look for unusual code, unauthorized redirects, or unfamiliar modifications. This step helps catch backdoors or subtle malicious code that scanners might miss.
5. Document Everything: Maintain a detailed log of all issues you detect, including affected URLs, filenames, code snippets, and screenshots. This documentation will not only guide your cleanup process but also serve as evidence when you submit a Google Ads appeal. Being thorough now reduces the chance of repeated disapprovals and strengthens your case with Google.

Malcure Advanced Edition scans every single file in your WordPress installation for security threats and vulnerabilities. Thanks to its intelligent full-depth infection scanning technology, it can detect hidden malware and infections that other tools often miss — giving your site a deeper, more reliable layer of protection.

C. Clean & Repair Infected Files

After identifying infected files and suspicious elements, the next step is to remove all malicious code and secure your website. Proper cleanup is essential to restore disapproved ads or a suspended account and to prevent future disruptions. However, before touching anything, take a full backup of your files and database. Store this backup securely, preferably off the server. Here’s a step-by-step guide to removing viruses, malware, and infections from your WordPress website: How to clean malware from a hacked WordPress website.

Note: Once the site is clean, clear all the caches, kill all the user sessions and shuffle the salts.

If you are not confident about handling this yourself, you can opt for a professional malware clean-up service.

Did you know the Malcure WordPress Malware Removal service not only cleans your site but also helps restore your Google Ads campaigns? If your Google Ads are disapproved, our security specialists will remove the infections, check blocklists, and assist you with filing a successful appeal.

D. Prevent Re-infection by Hardening Your Website’s Security

After cleaning your site, it’s essential to harden its security to prevent reinfection and avoid future ad disapprovals. A robust security setup not only protects your website but also demonstrates to Google reviewers that the issue has been fully resolved. Here’s a quick checklist for hardening the security of your website:

1. Core Hygiene
   • Update CMS core, themes, and plugins to the latest versions.
   • Remove any plugins or themes you no longer use.
   • Lock down file permissions to follow the principle of least privilege.
2. Identity & Access Management
   • Enforce strong, unique passwords for all user accounts.
   • Turn on two-factor authentication (2FA) for all admin accounts.
   • Audit user roles and remove unknown or inactive administrators.
3. Perimeter Defenses
   • Rate-limit admin URLs and restrict access by IP where possible.
   • Use a Web Application Firewall (WAF) to block common exploits and filter malicious traffic. Many WAFs also provide virtual patching and DDoS mitigation.
4. Monitoring & Backups
   • Enable file integrity monitoring and maintain activity logs.
   • Keep automated, off-site backups with versioning; daily backups are recommended.
   • Set up alerts from Google Search Console for security issues and monitor Google Ads → Policy Manager for new flags.

Including these measures in your Google Ads appeal shows that you’ve addressed both the immediate infection and its root causes, improving your chances of a successful review.

E. Finally Resubmit Your Disapproved Google Ads for Review

Once your site is clean and security measures are in place, it’s time to request a review of your disapproved Google ads. Submitting a clear, documented appeal increases the chances of a successful reinstatement.

Key actions:

1. Verify all issues are resolved: Double-check that all malware, malicious scripts, and suspicious redirects have been removed. Re-run scans using Google Safe Browsing, Sucuri SiteCheck, and use VirusTotal for analysing if any of the security vendors has flagged your site.
2. Keep the documentation handy: Keep detailed logs, screenshots, and notes of the cleanup and security measures implemented. This evidence shows Google that you’ve addressed both the symptoms and the root cause.
3. Reply to the email from the Google Ads team: We get a lot of tickets for Google Ads disapproval due to malicious software, unwanted software or compromised site. In most of the cases Google sends a notification to the owner’s account email explaining the disapproval (or suspension). Reply directly to this email with a clear explanation of the steps you’ve taken to clean your site and secure it. Keep your message clear and factual. Include the following details in your mail:
   • A brief summary of what caused the flag (e.g., “malicious script injected via outdated plugin; also removed bad redirect in .htaccess”).
   • The actions you took (scans, code replaced, files cleaned, users audited, passwords rotated).
   • The preventive measures now in place (WAF, updates, 2FA, backups).
   • Confirmation that key URLs now return clean results (mention GSC and Google Safe Browsing clean status and that remote scans show no malware).

How to File an Appeal via Google Ads Policy Manager

In addition to replying to the Google Ads team over an email or in case if you have not received any communication over the email you can file an appeal via Google Ads Policy Manager. This provides a formal channel for review without relying solely on email communication. Follow the steps given below to file an appeal:

1. Log in to your Google Ads account, click the Tools & Settings icon (top-right).
2. Click the Troubleshooting dropdown in the section menu.
3. Click Policy manager.
4. On the Policy issues tab, find the ad, asset, or campaign flagged for policy violations.
5. Hover over the Status column to view detailed information about the disapproval.
6. Now click Appeal next to the affected ad or campaign and under “Reason for appealing,” select Made changes to comply with policy.
7. In the description field, provide the details of the actions you took to remove malicious software and secure your site.
8. Click Submit to send your appeal.

After filing an appeal, you can check the review status of the appeal under “Appeal History” tab. Here you can find the details for all ads you’ve appealed.

What To Do if Your Entire Google Ads Account Is Suspended

Google Ads account suspension is more severe than a single ad disapproval. It means Google sees a systemic issue — policy violations across the account, unacceptable business practices, or risky behavior at the website level. The process is still manageable if you’re methodical.

Disapproval vs. Suspension

• Disapproval: Specific ads or assets are blocked. You can usually fix the destination or creative and appeal the item.
• Suspension: The entire account is blocked. No ads will run until the suspension is lifted. You must use the account-level appeal path.

How to proceed if your Google Ads account is suspended?

1. Log in to your Google Ads account.
2. Look for a red banner explaining the suspension reason.
3. Click Contact Us or go to the Google Ads Appeals page.
4. Fill out the form carefully:
   • Detail the exact steps taken (scans, cleanup, security hardening).
   • Attach evidence if possible (e.g., screenshots of scan results).

Do not create a new account. Google treats this as circumventing systems and bans both accounts permanently.

Review can take 3-7 business days and sometimes longer. If denied, re-check your site — you may have missed something. Avoid resubmitting repeatedly unless you’ve made new corrective changes.

How To Safeguard Your Google Ads Against Malicious or Unwanted Software (and Compromised Sites)

A strong security posture pays off twice: users stay safe, and your ads stay eligible. And in unforeseen circumstances when your site is flagged by Google Ads, your cleanup and appeal are faster because you already have logs, backups, and a clear process.

• Keep everything updated. CMS, plugins, themes, libraries. Remove what you don’t use.
• Lock down access. Strong passwords, 2FA, least-privilege roles, and periodic user audits.
• Use a WAF to filter malicious traffic and add virtual patching where possible.
• Monitor and back up. Daily off-site backups, file integrity monitoring, and alerting on key changes.
• Review third-party dependencies. Know every script and domain your pages load. Replace outdated or suspicious tools.
• Watch Google dashboards. Check Search Console → Security issues regularly. Check Google Ads → Policy manager and notifications; don’t ignore early warnings.

Key Takeaway: Keep Your Website Secure to Prevent Malware and Google Ads Issues

Even the most well-planned Google Ads campaigns can fail if your website is compromised. Malware not only puts your visitors at risk but can also trigger ad disapprovals or account suspensions, wasting your ad spend and damaging your brand reputation.

A proactive security approach is essential. Using tools like a Web Application Firewall (WAF) can block malicious traffic, apply virtual patching, and protect your site from known vulnerabilities before attackers exploit them. Regular security scans, audits, monitoring, and backups further reduce the risk of reinfection or policy violations.

If you need ongoing assistance, our Website Support & Maintenance Services have you covered. Our team handles all WordPress, plugin, and theme updates, performs regular backups, scans for malware, monitors uptime, and manages all essential tasks to keep your site secure, healthy, and running smoothly.

Need help removing malware or unwanted software from your website? Our professional malware removal service cleans your site, fixes infections, and helps restore Google Ads safely.