Written by Robert Bailey

What is PUA:Win32/Caypnamer.A!ml infection?

In this article you will see the complete description of PUA:Win32/Caypnamer.A!ml virus, together with its negative impact on your system. That virus is a potentially unwanted program with trojan-downloader elements.

Robert Bailey
Robert Bailey
IT Security Expert

It is better to prevent, than repair and repent!

When we talk about the intrusion of unfamiliar programs into your computer’s work, the proverb “Forewarned is forearmed” describes the situation as accurately as possible. Gridinsoft Anti-Malware is exactly the tool that is always useful to have in your armory: fast, efficient, up-to-date. It is appropriate to use it as an emergency help at the slightest suspicion of infection.
Gridinsoft Anti-Malware 6-day trial available.
EULA | Privacy Policy | Gridinsoft

PUA:Win32/Caypnamer.A!ml Summary

The Caypnamer virus is a perfect example of the program that hides the virus inside. You can get that virus as a utility of some sort. License hacking tools, keygens, system optimizers and various other programs, which are often recommended as a way to boost your PC, are often used as shells for such malware. These programs may be present even in the original shape, without a virus inside. Exactly, that’s why this detection has a “PUA” header. Anti-malware programs are not able to decompile the program and check the presence of viruses inside of its source code. So the developers of security tools decided marking any instance of such applications.

If you see the “Caypnamer.A!ml” detection name, your variant of that unwanted program contains the trojan-downloader. That kind of trojan virus is designed to inject various other malware in the victim’s system. It changes the certain networking settings, makes changes to your registry and Group Policies. Then, the virus connects to the command server and receives a so-called payload – a pack of various malware. The exact types of malware may differ in a very wide range – spyware, banking trojans, ransomware, coin miners – whatever you can imagine.

PUA:Win32/Caypnamer.A!ml distribution methods

As I mentioned, that virus is spread in the shape of a “useful tool”. You can get advice to install it on online forums, as well as in different communities. Some cases of PUA:Win32/Caypnamer.A!ml were related to a so-called Discord virus. Users may ensure you that this program is 100% legit and effective. In fact, this user is a member of malware distributors team, or their affiliate, who receives a penny for each installed virus.

It is quite hard to predict if the program you are offered is really legit. The majority of anti-malware vendors mark all questionable programs as potentially unwanted, regardless of the fact of malware presence. Hence, you never know for sure if you are in danger. The best way to avoid being infected is the refusal to use such tools. The majority of such tools are about to offer some sort of outlaw actions. Hacking the Windows license checking mechanism, generating the activation key for Adobe products, optimizing the system in several clicks – all these functions are not harshly needed. Paying for a licence once will save you and your wallet from further spendings on system recovery.

How can I see that my system is infected with PUA:Win32/Caypnamer.A!ml?

In fact, you cannot see the exact moment of virus injection. The only notification that may appear is the message from Windows Defender, that notifies you about the PUA:Win32/Caypnamer.A!ml. The really visible effects appear only after the payload injection. Unwanted ads appearance, changes in the browser settings, rapidly increased CPU load – that is not even a half of the list of possible symptoms. Downloaders can infect your machine with any possible virus.

The best way to detect the Caypnamer activiry is to use antivirus programs with the proactive protection onboard. Proactive, or on-run protection is a mode when the security tool checks all files you open and all programs you run for malicious activity. Hence, when the virus will apply the aforementioned changes to your system configurations, antivirus tool will stop it and notify you. GridinSoft Anti-Malware has this function, and tests show that it can easily stop this downloader. Read the guide for PUA:Win32/Caypnamer.A!ml removal below.

Technical details

File Info:

crc32: 84839823
md5: 62070b0800e57139b0b70f23f6267e96
name: 62070B0800E57139B0B70F23F6267E96.mlw
sha1: ee29617475ea099705ebcd648dd63d41a85da9a8
sha256: bdb87729fff77c9ec0093fc10afa1a6356698db20c794dc63d17b05219f26c65
sha512: f2a7a8b486d428eca060534d6ae865d408cee7837119bcd8d1d5601887f64f13a7bf2f89ba2ca0737201b0124165d50d702c2707e1d6c60519895ec96eb93aa0
ssdeep: 98304:zbEiSBnvFxSYbNt4KEd7ZzyunNsedykDZQ4HQbOK3xQlGelxD:z+BvC8i1GewkFOO2elLT
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

PUA:Win32/Caypnamer.A!ml also known as:

GridinSoft Trojan.Ransom.Gen
Bkav W32.AIDetectVM.malware1
Elastic malicious (high confidence)
Sangfor Malware
Cybereason malicious.475ea0
Symantec Ransom.Wannacry
ClamAV Win.Trojan.Autoit-9792204-0
Kaspersky not-a-virus:HEUR:AdWare.Win32.KuziTui.gen
Invincea Generic ML PUA (PUA)
McAfee-GW-Edition BehavesLike.Win32.Dropper.rc
MaxSecure Trojan.Malware.121218.susgen
FireEye Generic.mg.62070b0800e57139
SentinelOne Static AI – Suspicious PE
Microsoft PUA:Win32/Caypnamer.A!ml
ZoneAlarm not-a-virus:HEUR:AdWare.Win32.KuziTui.gen
Cynet Malicious (score: 100)
Acronis suspicious
VBA32 BScope.Downloader.KuziTui
Panda Trj/Genetic.gen
ESET-NOD32 a variant of Win32/KuaiZip.M potentially unwanted
Rising PUF.Presenoker!8.F608 (TFE:5:L0lLXDBMMQR)
Yandex Trojan.GenAsa!j+uSkypE9Es
eGambit Unsafe.AI_Score_99%
CrowdStrike win/malicious_confidence_100% (D)

How to remove PUA:Win32/Caypnamer.A!ml virus?

Unwanted application has ofter come with other viruses and spyware. This threats can steal account credentials, or crypt your documents for ransom.
Reasons why I would recommend GridinSoft1

The is an excellent way to deal with recognizing and removing threats – using Gridinsoft Anti-Malware. This program will scan your PC, find and neutralize all suspicious processes.2.

Download GridinSoft Anti-Malware.

You can download GridinSoft Anti-Malware by clicking the button below:

Run the setup file.

When setup file has finished downloading, double-click on the setup-antimalware-fix.exe file to install GridinSoft Anti-Malware on your system.

Run Setup.exe

An User Account Control asking you about to allow GridinSoft Anti-Malware to make changes to your device. So, you should click “Yes” to continue with the installation.

GridinSoft Anti-Malware Setup

Press “Install” button.

GridinSoft Anti-Malware Install

Once installed, Anti-Malware will automatically run.

GridinSoft Anti-Malware Splash-Screen

Wait for the Anti-Malware scan to complete.

GridinSoft Anti-Malware will automatically start scanning your system for PUA:Win32/Caypnamer.A!ml files and other malicious programs. This process can take a 20-30 minutes, so I suggest you periodically check on the status of the scan process.

GridinSoft Anti-Malware Scanning

Click on “Clean Now”.

When the scan has finished, you will see the list of infections that GridinSoft Anti-Malware has detected. To remove them click on the “Clean Now” button in right corner.

GridinSoft Anti-Malware Scan Result

Are Your Protected?

GridinSoft Anti-Malware will scan and clean your PC for free in the trial period. The free version offer real-time protection for first 2 days. If you want to be fully protected at all times – I can recommended you to purchase a full version:

Full version of GridinSoft

Full version of GridinSoft Anti-Malware

If the guide doesn’t help you to remove PUA:Win32/Caypnamer.A!ml you can always ask me in the comments for getting help.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)


  1. GridinSoft Anti-Malware Review from HowToFix site: https://howtofix.guide/gridinsoft-anti-malware/
  2. More information about GridinSoft products: https://gridinsoft.com/products/

About the author

Robert Bailey

Security Engineer. Interested in malware, reverse engineering, white ethical hacking. I like coding, travelling and bikes.

Leave a Reply


This site uses Akismet to reduce spam. Learn how your comment data is processed.