1. /
  2. Security Response/
  3. Trojan.Gpcoder.E


Risk Level 1: Very Low

July 17, 2007
August 22, 2012 8:58:56 AM
Also Known As:
Virus.Win32.Gpcode.ai [Kaspersky], Win32/Kollah.AB [Computer Associates], Troj/GPCoder-G [Sophos], Sinowal.FY [Panda Software], PWS-JT [McAfee]
Infection Length:
58,368 bytes
Systems Affected:
Windows XP, Windows NT, Windows Server 2003, Windows 2000
Trojan.Gpcoder.E is a Trojan horse that encrypts files and then prompts the user to purchase a password in order to decrypt them.

Note: Virus definitions dated July 17, 2007 or earlier detect this threat as Infostealer.Banker.C.

For more information, please see the following resources:

Antivirus Protection Dates

  • Initial Rapid Release version July 17, 2007 revision 009
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version July 18, 2007 revision 004
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date July 18, 2007
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy


  • Damage Level: Low
  • Payload: Encrypts certain file types on the compromised computer.
    Opens a back door.
  • Releases Confidential Info: May steal sensitive information.


  • Distribution Level: Low
Writeup By: Elia Florio

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver