Details
Crucifixion.2888

It’s a not dangerous memory resident parasitic virus. It hooks INT 9, 21h and writes itself to the end of .COM-files that are opened by INT 21h function ExtendedOpen (AH=6Ch). On pressing Alt-Ctrl-Del, depending on the system date it draws the picture, plays the tune and displays the messages:
If you’re the Messiah and you know it,
Clap your hands!
Then your face will surely show it,
(rucifixion Virus 1.0
(c) 1994, by Jesus of The Trinity

Details
Crooked.979

It’s a not memory resident not dangerous virus. It searches for a COM- and EXE-files and infects them. EXE-files are infected by a standard way, the COM-files infected into the beginning. This virus contains the encrypted string: “*.com *.exe Only God knows!”. Sometimes it decrypts and types:
There was a crooked man, and he went a crooked mile,
He found a crooked sixpence against a crooked stile,
He bought a crooked cat, which caught a crooked mouse,
And they all lived together in a little crooked house.

Details
Crocodiles.1592

It is a very dangerous memory resident parasitic virus. While executing an infected program the virus searches for the COMSPEC string, and infects the command interpreter (COMMAND.COM). While executing an infected command interpreter the virus hooks INT 21h and then writes itself to the end of COM and EXE files (except SCAN.EXE) that are executed.
Depending on its generation the virus also hooks INT 8 (timer) and manifests itself with some sound effect. The virus also calls some other effects and erases the disk sectors, but that code is corrupted, and the computer halts. The virus contains the text string:
CROCODILES

Details
Croatia_II.560

It is a very dangerous memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM files that are executed. The virus deletes the CHKLIST.MS file, if it exists. On February 12th it erases the hard drive sectors and displays the message:
Croatia must be free !
(c) 1995 by Inquisitor.

Details
Croatia.1349

These are a very dangerous memory resident parasitic viruses. They hook INT 21h, 28h and write themselves to the end of .COM files that are executed. When infected files are opened or loaded for debugging, the viruses disinfect them, and infect again when the file is closed. While disinfecting the viruses create the temporary file (”Croatia.1349″ - E, “Croatia.1535″ - LARGE2.COM), copy the disinfected copy of the source file, and rename that file to the original name.
Depending on the system time and date the viruses decrypt the text string “Croatia” and overwrite the disk sectors with this string (”Croatia.1535″ reads from the sectors instead of writing).

Details
Critter.1015

Critter.1015 is not a dangerous memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM-files that are executed. Depending on the system timer the virus displays the message:
[PGa] a critter from DC has infected U

Details
Critico.969

It is not a dangerous memory resident parasitic virus. It hooks INT 21h and writes itself into the middle of COM and EXE files that are executed. While infecting a file the virus scans for a ‘cave’ that contains constant data, and overwrites these data. Depending on the system date and time the virus decrypts and displays the message:
<——- ERROR CRITICO: Fuga de presi-n en el monitor.

then it manifests itself by a video and sound effect.

Details
Critico.965

This is a benign memory resident parasitic virus. It hooks INT 21h, and writes itself into the middle of COM and EXE files that are executed. While infecting, the virus searches for the “cave” (the area filled with constant data) inside of the file body, and overwrites it. As a result, the file length does not increase.
In March, depending on the system timer, the virus erases the screen (with video and sound effects), and displays the following message:
<——- ERROR CRITICO: Fuga de presión en el monitor.

Details
Cripple.403

It is not a dangerous nonmemory resident parasitic virus. It searches for .COM files, then writes itself to the end of the file. Before returning to the host program the virus decrypts and displays the text:
What Fucked Ass Has Written FATMAN?
It Was A Cripple Of A Virusall
…It Crashed Every Time
If You Cant Write A Virus … Let It Be
FATMAN Was Crippled By An Ass Hole And Rescued By
Spooky. Austria 1996

Details
CriminalWW.1788

These are very dangerous memory resident parasitic polymorphic viruses. They trace and hook INT 21h, then they write themselves to the end of COM and EXE files that are executed or opened. Depending on their internal counters the viruses erase the MBR of the hard drive and then display the message:
Criminal!
by WW /DC

The viruses also contain the text string:
Wild W0rker /DC

Details
Criminal.2615

Criminal.2615 is a memory resident very dangerous virus. When the infected file is started the infector hits the file C:\COMMAND.COM. When the virus starts from file COMMAND.COM it stays memory-resident and starts to infect other files when they are started. The infector checks the command line and if some combination (.F, .Z, .E, .D, .S) of letters present then:
displays messages like a “Criminal, be a wiseguy and turn youreself in, if you don’t I will”;
renames all files of current directory to CRIMINAL.xxx and then displays:
+——————————————-+
¦ The Ultimate Weapon has arrived, ¦
¦ please contact the nearest police station ¦
¦ to tell about the illegal copying of you ¦
+——————————————-+

It also contains the strings: “.Status”, “.Enable”, “.Disable”, “.Force”, “.Zero”, “C:\COMMAND.COM”, “STATUS:”, “CRIMINAL.000″.

Details
CriCri.4616

This is very dangerous memory resident polymorphic and stealth multipartite virus. It hooks INT 13h, 21h and writes itself to the end of COM and EXE files that are executed or closed, and to the boot sector of floppy disks that are accessed. The virus does not infect the files that have digit or ‘V’ character in their names as well as TB*.*, SC*.*, F-*.* and GU*.* files. The virus has a bug and may corrupt the files while infecting them. On June 4th the virus displays the message and halt the system:
Cri-Cri ViRuS by Griyo96 allTried, tested, not approved.
The Implant virus is related to the CriCri family.

Details
CriCri.4300

This is very dangerous memory resident polymorphic and stealth multipartite virus. It hooks INT 13h, 21h and writes itself to the end of COM and EXE files that are executed or closed, and to the boot sector of floppy disks that are accessed. The virus does not infect the files that have digit or ‘V’ character in their names as well as TB*.*, SC*.*, F-*.* and GU*.* files. The virus has a bug and may corrupt the files while infecting them. On June 4th the virus displays the message and halt the system:
Cri-Cri ViRuS by Griyo/29A allTried, tested, not approved.
The Implant virus is related to the CriCri family.

Details
Crew.1967

These are not dangerous not memory resident viruses which search for .COM-files of current directory and infect them by standard manner. They contain the text strings “*.com”. “Crew.1967″ contains the encrypted string “COMMAND.COM”. They also display pictures like this:

Details
Crepate.2910

This is dangerous memory resident multipartite encrypted virus. On execution of infected file it infects the current drive: boot sector if the current drive is floppy one, and MBR if it is a hard drive. On loading from infected disk the virus hooks INT 1Ch, waits for DOS loading, hooks INT 21h and writes itself at the end of the COM files that are accessed. Depending on the system timer the viruses erase the disk sectors.
The virus contains the following internal text strings:
COMcomEXEexeOV?ov?
Crepate (c)1992/93-Italy-(Pisa)
Crepa(c) bye R.T.