A new Trojan program Trojan.Encoder.21 (quite similar to the previous Encoder.19 version) has been detected by Doctor Web. Encoder.19’s principle of functioning is similar to Gpcode that was recently discovered by Kaspersky’s lab. The virus encrypts user files (.jpg, .psd, .cdr, .mov, .doc, .xls, .ppt, .rar, .zip, .mp3, .pdf, etc) stored on the hard drives, and the files become inaccessible. After encryption is performed, the virus creates the “crypted.txt” file that demands the user to pay $89 for a decoder, using a specific payment system. The previous versions of the virus used temporary links, while the new version is constantly stored on some websites (already known as Trojan-“distributing”). This can enable the virus to spread more quickly than before. Experts do not recommend paying the bleeders. Doctor Web created a free utility te19decrypt.exe that decodes the encrypted files and creates new versions without “.crypt” ending. The utility has a graphic interface module that makes the program very handy.