Trojan: Win32/Varpes.J!cl


Today when I started my laptop I noticed unusual lag/freeze and shortly after that Windows Defender gave me notification about “Trojan: Win32/Varpes.J!cl”.

Here is description:

The following error occurred: Error code 0x80508023. The program could not find the malware and other potentially unwanted software on this computer. 

Category: Trojan

Description: This program is dangerous and executes commands from an attacker.

Recommended action: Remove this software immediately.

file:C:\Program Files (x86)\GlassWire\GlassWire.exe

Get more information about this item online.(*)

* https ://!cl&threatid=2147706743&enterprise=0

Sorry for malformed link. New users can not post links.


I just ran a scan with Windows Defender and could not reproduce this. Can you run updates on Windows Defender then scan again? What OS version are you using?

This is called a false positive, but we have never seen one from Windows Defender before.

I got the exact same on an uninstall/install of Glasswire.

Windows Defender

Windows 10 v1607

OS Build 14393.351

@JustinasM @dajo2001

I was unable to recreate this on my PC. Can you tell me this?

What definition version are you both using? I need this info for Microsoft so they can fix it.

*You should try the latest definition version before submitting your question. To provide the security software definition version currently installed in your PC:

In your Microsoft security software, click the arrow next to the Help button and then click

Select the definition information and press Ctrl+C.Paste the information on the text box on the right.

I have been unable to reproduce the issue today. Threat definition was updated this morning.

Antimalware Client Version: 4.10.14393.0
Engine Version: 1.1.13202.0
Antivirus definition: 1.231.1182.0
Antispyware definition: 1.231.1182.0
Network Inspection System Engine Version: 2.1.12706.0
Network Inspection System Definition Version:

After I got that alert I made full system scan. At that time virus and spyware definition was up to date.
Definitions might have been updated after alert automatically (?).

Now it is:
Antimalware Client Version: 4.9.10586.589
Engine Version: 1.1.13202.0
Antivirus definition: 1.231.1278.0
Antispyware definition: 1.231.1278.0
Network Inspection System Engine Version: 2.1.12706.0
Network Inspection System Definition Version:

Worth to mention that after I run scans with other few scanners and restarted system GlassWire ran successfully during startup. And at that time there where no alerts.