The Cyber Command of New York Ransomware is part of the Troj/Urausy Ransomware family of computer infections that displays a lock screen when you start Windows that requires you to pay a ransom before you can access your Windows desktop, applications, or files. This ransomware pretends to be a joint initiative between the Cyber Command of New York, the FBI, U.S.A. Cyber Crime Investigations, the Department of Justice, and Interpol to block computers that supposedly engage in illegal cyber activity. This supposed illegal activity includes the possession or distribution of child pornography, copyrighted files, and computer viruses. It then states that since you are a first time offender you can pay a fine of $300 within 48 hours in order to avoid legal prosecution. The text in these messages can be scary if you are not familiar with them, so please remember that this is a computer infection and you are not actually being targeted by any government agencies.
When you are locked out of Windows you will be shown a screen that contains the following text:
Cyber Command of New York
U.S.A. Cyber Crime Investigations
Cyber Crime Unit
Your computer has been blocked up for safety reasons listed below.
You are accused of viewing/storage and/or dissemination of banned pornography (child pornography/zoophilia/rape etc). You have violated World Declaration on non-proliferation of child pornography. You are accused of committing the crime envisaged by Article 161 of United States of America criminal law.
Article 161 of United States Of America criminal law provides for the punishment of deprivation of liberty for terms from 5 to 11 years.
Also, you are suspected of violation of "Copyright and Related rights Law" (downloading of pirated music, video, warez) and of use use and/or dissemination of copyrighted content. Thus, you are suspected of violation of Article 148 of United States of America Criminal Law.
Article 148 of United States of America criminal law provides for the punishment of deprivation of liberty for terms from 3 to 7 years or 150 to 550 basic amounts fine.
It was from your computer, that unauthorized access had been stolen to information of State importance and to data closed for public Internet access.
<more fake legal threats>
The penalty set must be paid in course of 48 hours as of the breach. On expiration of the term, 48 hours that follow will be used for automatic collection of data on yourself and your misconduct, and criminal case will be opened against you.
Amount of fine is 300$. You can settle the fine with MoneyPak or MoneyGram xpress Packet vouchers.
As soon as the money arrives to the Treasury account, your computer will be unblocked in course of 24 hours.
Then in 7 day term you should remedy the breaches associated with your computer. Otherwise your computer will be blocked up again and criminal case will be opened against yourself (with no option to pay fine).
As you can see, this computer infection was designed to scare you with legal threats in order to scare you into paying the ransom. As this is not an official block, please ignore anything it displays and instead use the removal guide below to remove this ransomware from your computer.
Your computer should now be free of the Cyber Command of New York Ransomware infection. If your current anti-virus solution let this infection through, you may want to consider purchasing the licensed version of HitmanPro to protect against these types of threats in the future.
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "shell" = "explorer.exe,%AppData%\cache.dat"
BleepingComputer.com can not be held responsible for problems that may occur by using this information. If you would like help with any of these fixes, you can ask for malware removal assistance in our Virus,Trojan,Spyware, and Malware Removal Logs forum.
If you have any questions about this self-help guide then please post those questions in our Am I infected? What do I do? and someone will help you.