Take this way for our security solutions

Buy now...


Frequently Asked Questions

Get quick answers to the classics of  questions that may arise when installing or using our products.

IKARUS anti.virus

Quarantined files always appear on the quarantine list even if they are false positives. Will they be automatically restored after a corrected virus-database update has been received?

IKARUS anti.virus basically does not actually move files; infected files found on a machine are blocked by IKARUS anti.virus (i.e. they cannot be copied and executed) and will appear on the quarantine list. In case of a false positive, when a correcting database update is received, the quarantine status is automatically canceled.

Which files are scanned when selecting the predefined Fast System Scan profile?

The Fast System Scan profile provides for scanning the Windows\System32 folder on the system partition. In addition, all modules currently loaded are scanned.

Which files are scanned when selecting the predefined System Partition profile?

The System Partition profile provides for scanning the system partition. The system partition is the volume containing all hardware-related files Windows requires at boot time.

Which files are scanned when selecting the predefined Entire Computer profile?

The Entire Computer profile provides for scanning all local and USB removable disks.

Which files are scanned when selecting the predefined Removable Media profile?

The Removable Media profile provides for scanning floppy, CD, DVD, HD-DVD, and BlueRay drives.

I just have uploaded the new license details to IKARUS anti.virus. The new licenses are now marked with an asterisk. What does that mean?

IKARUS anti.virus has a built-in “get best license” feature: It automatically finds and uses the most appropriate license based on the date and runtime. That license is then marked with an asterisk.

Do all scanning profiles respect excluded files and folders, or are there certain profiles ignoring those settings (e.g. the Entire Computer profile)?

Exclusions are globally applied, even when the entire computer is scanned.

What does the Do Not Scan Files Bigger Than feature do that is accessed via Tools - Exclusions?

Files that are more than 8 MB in size will not be scanned. Virus analyses have shown that, with the exception of infected files, viruses are never larger than 2 MB; this is because otherwise virus distribution would take too much time. By default, the limit is set to 8 MB because this is a good tradeoff between scanning time and security requirements.

The contents of archive files are always extracted, and the size limit relates to the sizes of the contained files and not to the compressed archive files.

Is it possible to scan network drives using IKARUS anti.virus?

The live-scanning function provided by IKARUS anti.virus does not scan network drives. Therefore, we recommend specifically protecting shared network drives using IKARUS anti.virus.

Network drives can be checked by performing an on-demand scan using the following command: C:\Program Files (x86)\IKARUS\anti.virus\bin\virusutilities.exe -SCAN \\SERVER\DIR\. For this purpose, make sure that the GuardX service runs as the user having access permissions for the network drive.

I have just received an e-mail message with my license key for IKARUS antio,virus. What do I have to do to unlock the software using that key?

Right-click the .IKKEY file attached to the e-mail message to save it to the desktop of your computer. Next, launch IKARUS anti.virus and select the Licenses item from the Help menu. Click the Add License button and select the license-key file on your desktop. The Licenses dialog will then list the new license key including the owner, expiration date, and validity.

Is there a free test version of IKARUS anti.virus?

Indeed there is. A request form for a test-license for IKARUS anti.virus, that can be selected during the installation process, is available on our website.

The required test-license key can be ordered via Licenses section under Products - Endpoint Protection - IKARUS anti.virus - Test license for IKARUS anti.virus. After you have entered the necessary details, license key will be sent to the specified e-mail address.

IKARUS anti.virus has reported a virus alert on a file that is known to me. May this be a false positive?

In order to verify whether the file is malware or a false positive, we need to get the physical file. To forward it, right-click the quarantined file and select the Send to Ikarus item from the pop-up menu. If the file has inappropriately been moved to quarantine, it will automatically be restored. If desired, you will also receive an e-mail message with more details.

I have temporarily unblocked a file. Why is that file blocked again after a restart?

When a file is temporarily unblocked, it will be removed from the quarantine list until the next restart only. If you want to permanently exclude that file from being scanned, use the Tools > Settings > Exclusions function. The function allows for excluding individual files as well as entire folders from live scanning and virus scans.

What does the message “A Virus was found on your computer!” mean?

When a pop-up window containing that message is displayed, either your system has a virus or it is a false alarm.

The quarantine list of IKARUS anti.virus will include the concerned file and also has recommendations about what to do about it. (The recommended functions are available from the quarantine window.)

What happens if a client machine is turned off at the time of a scheduled scan?

The next scan will be performed only the next time it is scheduled for.

Which operating systems can IKARUS anti.virus run on?

  • Windows Server 2003
  • Windows XP
  • Windows Vista
  • Windows Server 2008
  • Windows 7

32-bit and 64-bit systems are supported.

Which e-mail programs are supported by the e-mail protection feature?

Microsoft Outlook and Microsoft Outlook Express

What does the Clean Licenses function do?

Clean Licenses checks the validities (or potential validities if the start date is in the future) of all available licenses. Invalid licenses will be removed; afterwards, only valid licenses will be listed in IKARUS anti.virus License Manager.


Where can I get IKARUS

You can search for it on Google Play or follow the link to install via your computer.

Which mobile devices are supported?

All Android devices starting with version 2.2 are supported.

Is the app compatible with tablets?

Yes. The app protects all tablets using Android 2.2 or later.

Is my laptop also protected?

IKARUS protects your Android-powered devices. Please use IKARUS anti.virus to protect your Windows PC or laptop.

Is it possible to use the App on a rooted device?

We do not officially support rooted devices. Due to the copy protection being used, we cannot guarantee that the App can be installed on such devices.

How long will updates be available for the full version bough in Google Play Store? Are they limited to 1 year?

When you purchase the App in Google Play, you receive an unlimited license with no expiration date, for the app itself as well as for database updates!

I bought the app but uninstalled it after some time. Do I have to buy it again?

Existing licenses do not get lost. Licenses from Google Play are automatically restored.

Uninstallation failed. How can I remove the App?

The reason might be that the app still holds a "device administrator" permission. This permission is required for the "wipe" remote-control command.

There are two ways to uninstall the app in such a situation:

The first one is to start the app, then choose "Uninstall" from the main menu. You will be asked for your password, upon which uninstallation will proceed.

The alternative is to manually deactivate the "device administrator", followed by a normal uninstallation:

Please make sure that the "device administrator" permission has been disabled:

Settings > Security > Device Administrators > Deactivate IKARUS

Afterwards you can uninstall the app without problems:

Settings > Applications > Manage Applications > IKARUS > Uninstall

What is the difference between app-only scan and full scan?

The app-only scan scans all installed applications (apps). The full scan additionally scans the content of the SD-card or other built-in memory, where your personal images, videos and music are stored.

How can I configure scheduled scans?

Choose the menu "Settings", then "Scheduled Scans". This allows you to configure your scan schedule. "Scan method" allows you to choose between app-only and full scans for scheduled scans.

Can I cancel / abort a running virus scan?

To cancel a scan in progress, click on "Scan" or on the progress bar. A pop-up will appear and you will have to confirm that the scan should be aborted.

The menu says "protection deactivated"? How can I enable protection?

Choose "Settings", then activate "Protection".

Why are infected apps detected only after installation? Should the installation not be prevented?

For security reasons, the Android system does not provide any way to prevent the installation of some other app (which is usually a reasonable restriction). This is also an example of a fundamental difference between an Android smart phone and, say, a Windows desktop computer.

Nevertheless, IKARUS starts the scan immediately after the other app has been installed. There is currently no other way to provided this feature.

The situation is different when a (virus) app has not been directly isntalled from Google Play but has been downloaded elsewhere or was copied to the device's memory card via USB. In that case, the complete scan performed by IKARUS will find the virus even before the app is installed.

Is spyware like "Flex Spy" and "Spy Bubble" detected?

IKARUS also detects this kind of malware. With IKARUS, your smartphone is protected from malware like viruses, trojans, and spyware!

A virus has been found, but i think the file should be clean?

Files can - in rare cases - be detected as virus even though they are harmless.

If you are unsure about a file, you can send it to our laboratory for further analysis. Click "Infections", then choose the infected file, and click "Analysis". Your file will be analyzed by experts and you can get an optional response. In case the virus detection was really a false alarm, then a fix will be provided with the next database update.

How often are the virus definitions updated?

You can select the update interval to be "twice a day", "daily", "every second day" and "weekly". "Manual" disables the automatic update.

New virus definitions for Android are currently released daily.

Which Version of Android is needed?

The application runs on Android OSs from 2.2 (Froyo).

How much are the license fees for IKARUS

The “free version“ of IKARUS is available on Google Play for free. It is always possible to upgrade to the pre-paid version that offers additional security features like theft protection and SPAM blocking. This “full version” can previously be tested with a free and non-binding demo license.

How is the virus database being updated?

Updates can be installed manually by tapping the corresponding button, automatic update intervals can be set via "Settings" too.

How do I perform a scan?

Just choose the corresponding option in the menu and select the scan method of your choice. Please consider that a "full scan" could take a while.

IKARUS security.manager

What does ISM mean?

ISM is short for IKARUS security.manager. It is a management tool use for administering a large number of IKARUS anti.virus instances on client machines.

I have just installed ISM. What do I have to do to deploy the software on the clients?

A number of requirements must be met for successful software deployment:

  • Simple File Sharing must be disabled on the client machines.
  • File and Printer Sharing must be enabled on the client machines.
  • TCP port 9887 must be open on the server if the graphical user interface is not run on the server.
  • TCP port 9888 must be open on the server for the clients to receive updates via TCP.

To administer a client, right-click it and select Manage Computer from the pop-up menu. Next, select Install IKARUS anti.virus to install the software on the client. Complete the process by following the on-screen instructions.

Which operating systems does ISM support?

ISM runs on: 

  • Windows Server 2003, 32 Bit (Server, GUI)
  • Windows Server 2003, 64 Bit (Server, GUI)
  • Windows XP SP2, 32 Bit (GUI)
  • Windows XP SP2, 64 Bit (GUI)
  • Windows Vista, 32 Bit (GUI)
  • Windows Vista, 64 Bit (GUI)
  • Windows Server 2008, 32 Bit (Server, GUI)
  • Windows Server 2008, 64 Bit (Server, GUI)
  • Windows Server 2008 R2, 32 Bit
  • Windows Server 2008 R2, 64 Bit
  • Windows 7, 32 Bit (GUI)
  • Windows 7, 64 Bit (GUI)




When deploying or administering systems using IKARUS security.manager, would be possible to manually uninstall IKARUS anti.virus, or is that automatically prevented? Is IKARUS anti.virus service protected?

IKARUS anti.virus is protected since the client usually has no permission to terminate the process or on installing the software. To allow for that, a suitable condition must be specified in a relevant company security policy, and employees having appropriate permissions must sign and keep to that policy: They must not uninstall or disable virus protection or specify exclusions that are not covered by the security policy and/or have not been approved by the administrator using IKARUS security.manager.

In addition, IKARUS security.manager allows for identifying user groups that are allowed to administer IKARUS anti.virus. For example, if Domain Admins is selected here, not even a local administrator is allowed to make changes to IKARUS anti.virus or erase viruses. This can be achieved only using the IKARUS security.manager GUI. Appropriate permissions are required for killing Guardxservice.exe, too. Therefore, the problem should not occur on a “normal” client either.

The system does not provide for direct self-monitoring of the service. The Microsoft Services Manager is responsible for that task: Whenever the service has been terminated, it will automatically be relaunched within 60 seconds.

Is it possible to manipulate the status icon of IKARUS anti.virus? Users (and even administrators) should not be confused by the fact that the default policy of IKARUS security.manager disables e-mail scanning, which is reflected in the icon.

E-mail monitoring as such is a main feature of IKARUS anti.virus. Therefore, e-mail monitoring as well as automatic updates are parts of full system protection.

To make this more transparent to the user, IKARUS security.manager provides an option to show status messages in the taskbar; it is enabled by default but can be disabled at any time to hide most of the virus-scanner activities from the user.

Can the ISM database be on a different server (SQL 2005)? And is it a problem if that server is momentarily not available (for example, when rebooting)?

Of course, the database can be moved to an existing SQL server. (That is also advantageous in that the creation of backups has normally already been configured on that SQL server – an aspect that must not be forgotten when using a standalone database.) 

This only requires changing the “dbconnstring” in the ism.conf file (after stopping the ISM service). If no ISM database is found, ISM automatically creates it and all required tables. When ISM cannot access the database, responses to client queries may be delayed as the ISM cannot detect whether the computer is served by ISM. 

Shared folders for automatic installation: Which permissions are needed for the ISM shared folder?

Sharing permissions (as well as NTFS permissions!) should be set to allow read access to all users while the user running the ISM service (which is normally the domain administrator) has write access. (ISM uses the share for access since the share can also be moved to a shared folder on a different server.)

What does the Allow Binary Updates option refer to?

The Allow Binary Updates option specifies whether product updates (in addition to the normal virus database updates) will be made available to the clients. We recommend leaving this option enabled to make sure that the clients always use the latest versions of the scanner, program, and update applications. Thanks to the smart update process, the client software automatically decides, which updates it needs, and is therefore capable of replacing itself. Thus, no user interaction is required even with more recent program versions. What is more, all components are delta updated, i.e. the virus-database, program, and scanner updates are always performed with differential update files to minimize file sizes.

Which external IP addresses does ISM pull the updates from?

During the update process, ISMx establishes a connection to Then, an update server is automatically selected – currently one of the servers mirror01… Since the number of update servers may increase in the future, any firewall rules should reference *

The ISM setup provides Administrator and Password text boxes option. What are these?

The Administrator and Password text boxes are provided for computers that are not include in the Active Directory tree of ISM. Normally, we recommend running the ISM service as a Domain Admin, so the user has appropriate permissions for accessing the clients. Therefore, the boxes may be left empty. However, if you want to add a machine manually, filling in the boxes is required for installation as well as for authenticating communication between IKARUS security.manager and IKARUS anti.virus.

Warn Error While installing Service ismxstartup on Host WS16: opening Servicemanager: :(1722) The RPC-Server is not available.

When deploying IKARUS anti.virus clients via ISM, this error occurs if one or more clients are not available on the network. This can be verified by making sure that the C$ share on the respective machine cannot be accessed.

I just have uploaded the new license details to ISM. The new licenses are now marked with an asterisk. What does that mean?

ISM has a built-in “get best license” feature, i.e. it automatically finds and uses the most appropriate license based on the date and runtime. That license is then marked with an asterisk.

What does the Clean Licenses function do?

Clean Licenses checks the validities (or potential validities if the start date is in the future) of all available licenses. Invalid licenses will be removed; afterwards, only valid licenses will be listed in the ISM License Manager.

What does the string required to integrate a SQL server look like? Which inputs are possible?

DRIVER={SQL Server};SERVER=.\SQLEXPRESS;Trusted_Connection=Yes;

This is the default string used to integrate SQL Server 2005 Express and SQL Server 2008 Express.


DRIVER={SQL Server};SERVER=.\;Trusted_Connection=Yes;

This is the default string used to integrate SQL Server 2005 and SQL Server 2008. Specifying a MSSQLSERVER instance name is not neccessary.



This string is used to integrate a remote SQL Server over a network.


A message I expect is listed neither in the Advanced E-Mail Search nor in Greylisting/spf – Blocked Mails. Was that message rejected by IKARUS?

Regardless of whether they have been accepted or rejected, all e-mail messages received by IKARUS will be listed in one of the above log files. If the log files do not contain any matching item, the message has never been received by IKARUS In this case, please contact the sender to make sure that the message was sent without any problems.

The user interface displays the Delivery Error status for a regular message. Other messages have been accepted by the mail server. Is it possible to view the exact error message on the user interface?

In such case, please contact the IKARUS support. The support staff will provide you with detailed information on the e-mail traffic.

The customer mail server is temporarily unavailable. What about e-mail messages coming in in the meantime?

IKARUS guarantees a storage period of 7 days. Depending on our storage capacities, e-mail messages may be stored for an even longer period. We will repeatedly try to resend undelivered messages in increasing intervals.

A configuration error has occurred on the customer mail server. The mail server has rejected the messages destined to it. Is there a chance that they will still be delivered?

E-mail messages received during the last seven days can be viewed by selecting the Log Entries > Advanced E-Mail Search option on the user interface. Messages listed there can be redelivered. For this purpose, enable the checkbox on the left of the respective message, then click the Resend All Marked Mails item at the bottom of the page.

What does greylisting mean?

Greylisting is a technique for filtering spam messages. For this purpose, an incoming message that has specific characteristics is rejected temporarily with the error code 451 (“spam protection”). If the message is resent at least 40 seconds, but not more than 2 1/2 hours later, IKARUS my.mailwall will accept it and forward it to the target server.

A known issue exists with Microsoft Exchange Server 2003 regarding messages that have been rejected using greylisting; however, Microsoft has released a hotfix solving that issue, which is available for download at


How can I avoid employees surfing the Internet without using a proxy server?

Outgoing connections over port 80 can be blocked using a firewall. In addition, a rule allowing connections to over port 8080 can be configured. All other connections over port 8080 can then be blocked.

© 2014 IKARUS Security Software GmbH