We had clients who faced this issue of ads not being approved by google due to unknown issue. Here I’ll share step by step guide which you can follow to get out of this situation.
Stage 1 (initial investigation)
- If you only got this message :
“Campaign Paused” : Disapproved. Malicious Software Found”
And now you don’t know what to do?
- Try to find such scrips in your code or if you are using wordpress or other cms, there are plugins which can scan your website for example: “Wordfence”, Malcare WordPress Plugin and many more, Just google it.
- If you did not find anything then don’t waste much time on it, because it is possible that there is NO malware at all (or malware which can’t be detected)
Stage 2 (Diving Deeper)
- Without wasting time send an email to the google adword support team and ask them for particular url where they found the malware.
- They will reply between 1 to 3 days and they will surely provide some information and url.
- Now check on that url (using ctr+u) and see if there is any unwanted script etc. If you find anything then scan than particular page with online malware tools and then remove those scripts. Make sure to get it done by professional and close all entry points from where these scripts might have entered into your website. After this you can apply for ads again.
- If still you find nothing, then you are left with only once choice.
Stage 3 (Ultimate solution – Tried and tested)
- Now you have tried everything but still no solution. Then you are left with only one solution. We have done it for many websites and it worked perfectly.
- Sometimes you use shared hosting or the IP which is somehow blacklisted by google or other antivirus software. So even if your website is clean they consider it as spam.
- Or your website might have malicious malware which does not show up every time. Sometimes attackers create scripts which works only when specific conditions are met. For example: when country is xyz, when browser is this, when time is 12 am etc. So it becomes very difficult to detect such malware.
Lets go to solution part now:
- Here I am considering you are using WordPress (but solution is same for any other framework).
- Make a list of plugins you are using.
- Identify plugins which are not free but you are either using unlicensed plugin or nulled plugin.
- Check all the themes, make note of any theme which is free (downloaded from untrusted sources) or nulled theme.
- Now buy a new server and point your domain to it. (This is to make sure you are not using a server which already has malware. You can skip this step if you don’t want to switch server.) *** You can use this server for few days until ads are approved and go back to your old server if you want ***
- Make a fresh install of WordPress on your new server.
- Install these necessary plugins :
Must have plugins for WordPress
- Now start moving your content from old server.
- Do not move plugins which are either nulled/unlicensed. Also don’t move such themes as well.
- Now it is the time either you buy those plugins/themes or find alternate solutions (using free plugins instead).
- Generally these nulled plugins contain the malicious code which might infect your website. Sometimes such plugins make use of your server to serve illegal content without you even knowing it for a long time.
- Once all this is done make sure to change the urls of the pages which google reported as spam (google might have provided you some urls when you contact them in previous step). This step is to make sure if they are not caching the old pages and report them malicious again.
- Now contact the support team again and tell them to check your website again (by explaining the whole issue of ads being rejected due to malware).
- Now you’ll get an email in 2-3 days saying : Everything seems clean, you can resume your ads or re-apply.
- Now resume your ads and they will be approved in few hours.
*Note: You can get rid of this problem in stage 1, 2 or 3. It all depends upon severity of the issue.
Please share your feedback if somehow you were still not able to find the solution to get your google ad approved. Team Codedrill will assist you finding a solution for this.
2 replies on “Fix: google adwords malicious or unwanted software”
Finally got this problem fixed. I was facing this absurd issue form last 2 weeks, I searched everything. Google threads are of no help.
But was finally to get this problem fixed using these steps.
Thanks for this ultimate guide.
FYI I was able to fix this using step 3.
Not sure why you suggested to change the server. I was able to fix it without changing the server.
But thanks for the tips, I followed all steps (except changing the server that i couldn’t afford at this stage).