Here is what to do if your Google ads suddenly stop appearing and your AdSence and Adwords screens show “malicious or undesirable software” and your ads are disapproved.
Find out if your site is infected with malware
When Google disapproves an ad, it means that Google found malware on your site when it crawled it.
If your site is infected with malware, you will often see specific symptoms on your site, such as being redirected to a different site when accessing your site, or being redirected to a different site only when visiting your site from Google search results.
It is also possible to check the infection status of your site externally with services such as the following.
Website Safety Rating by Trend Micro
The detection rate of the above is quite low because it is checked from outside the site.
Detect and remove malware from within the site (programs on the server).
WordPress :Malware Scan & Security Plugin [Malware & Virus Detection and Removal], created by WordPress Doctor, can detect and remove malware from thousands of patterns with even higher accuracy.
What if no malware is found?
If you still cannot find any malware, you may want to check the following
(This is the most effective method when there are symptoms of malware infection)
1 If you are using a CDN, try turning it off.
2 Try removing Google Tag Manager from your site’s code
3 Try visually inspecting the main theme files (Functions.php, Header.php, Single.php, Footer.php, Page.php, Wp-config.php)
4 Try to prevent displaying affiliate ads, as external affiliate ads may contain malware.
5 Check for vulnerabilities in plug-ins, as they may have rewritten the database.
I have removed the malware (virus), but my ads are not approved by Google.
Google’s ad review process has been continuously failing (disapproved) even though we have removed malware (viruses) from our various clients’ websites. (As of May 2020)
Below are the reasons why we believe Google is mis-detecting malware
Malware files shown by Google may include simple JPG images or general JS distributed from official WordPress plugins.
Even if you put mere HTML on the server, it may not pass the examination.
There is a case that the application will be approved only by changing the URL of the site such as adding www.
We believe that Goolge’s malware scanning mechanism and screening methods are somewhat opaque, and that it is possible for a site to not pass the screening process even though it is free of malware.
In this case, you can protest directly to Google’s support by sending an email, or after a long period of time (1 week to 1 month), your site may suddenly be approved.