I recently had a frustrating experience trying to get some Google Ads reinstated that had been disapproved due to ‘Malicious or unwanted software’, so I thought it might be useful to share the process that eventually got them back online.
Step 1 – Identifying the issue
Google didn’t tell me what the ‘malicious or unwanted software’ they’d identified was and having examined the site it wasn’t obvious.
There were no signs of a hack or any significant changes to the content, so it was perplexing why Google had suddenly developed a problem with a site that they’d had no problem with for a year previously.
With no obvious fix, I had to contact Google directly, which I did via a Live Chat here. You may be able to phone them for a quicker response, but this was at the height of the Coronavirus outbreak and their services were limited.
Here I spoke to what seemed like a low-level operator, but they were able to at least tell me what was triggering the error.
Incidentally, the software they deemed malicious was an embedded login for a secure file transfer system, which was in no way malicious, so don’t be surprised if what they’ve flagged isn’t the result of a security breach.
With this information I could at least take an action.
Step 2 – Removing the code/software
I could have tried my luck with arguing with them over the validity of the software, but given that it wasn’t essential, I decided to just remove it from the website, which took about 2 minutes.
If you’re not in a position to get rid of whatever Google has a problem with and/or can’t justify why that code is in place, you’ve got a problem to solve.
But if you can get rid of it yourself or get a developer to do so, then you’re on the road to recovery.
Step 3 – Resubmit your ads
Depending on the issue you can either resubmit your Ads by finding the ‘Appeal’ link as noted here or simply making a minor edit to your existing ads, which will automatically trigger a fresh inspection.
There was no ‘Appeal’ link so I had to do the latter and this was where the frustration really ramped up.
Step 4 – Making sure Google deliver
I modified the ads and sent them off for approval and believed, having removed the code requested without argument they’d be re-activated. This didn’t happen.
I had to go back to the Live Chat several more times over the course of 10 excruciating days, explaining that everything was fixed and asking for a response.
They repeatedly told me they had just ‘rescanned the site’ and the malicious code was still present, but it simply wasn’t. At this point, I was really pulling my hair out and wondering if I’d ever escape the merrygoround.
At one point they also asked me to upload a screenshot from Google Search Console to prove the site was clean, which was made all the more complicated by the fact the Live Chat had no image upload option, meaning I had to put the image in Google Drive and send them a link.
Eventually, after enough kicking and screaming it was pushed up the food chain and I received an email telling me the ads would me active in the next two hours after a successful manual review, which mercifully – they were.
Bottom line: Find the issue if it’s obvious and fix it. If it’s not obvious get onto Google for more detail. Remove the problem and resubmit your ads. And crucially, keep nudging Google if there’s no movement because it will accelerate the process.