I'm doing some research and documentation on computer viruses.  I'm
trying to find some solid information on how virus VARIANTS come to
be.  From what I can gather, variants are copycat viruses that other
virus writers create and spread?  Can someone just provide me with at
least some decent info on how we get so many different variants of the
same virus?

Interesting question... I have found it is mainly because the original
writer does different copies, I guess to have more chances to spread
it:

"viruses are like earthquakes: The initial outbreak is usually
followed by aftershocks. Variants (copycat viruses that emerge in
droves after the initial outbreak) make up the bulk of known viruses."

Sometimes the virus code is modified for someone else, creating different variants:

"And not all variants stem from mysterious writers. More than a few
companies have been infected by variants created by a curious employee
who fiddled with a virus he or she received, created a new strain of
it, and unleashed it onto the company's system--sometimes
accidentally, sometimes not."

Source:
http://archives.cnn.com/2000/TECH/computing/10/23/virus.works.idg/

"Arrests were made in connection with two variants of the Blaster
worm, but those responsible for the original remain at large"

Source:
http://www.pcworld.com/news/article/0,aid,113331,00.asp

Hope it helps,

Lannaeus

That is so very much helpful!  Thank you, very much.

Actually once a virus is in the wild(public) most of the variants
arent done by the orginal author. Once a virus goes public, the
exploit is public. Depending on how this exploit works, any number of
virus can be derived from it. Some times its the opposite affect, with
the exploit released first, then the trojans, worms, etc.. come.

Take for instance the windows jpg vunerablity.. with in days of the
release there were tons of shell code variants available. Virus such
as Code Red with the isapi overflow were very easy to adjust. The
difference between code Red I and Code Red II was nnnnnnnnn or
XXXXXXXXX.. It was the exact same exploit, but performed a different
funtion on the target machines.

Most of the computer virus are written in C. and when it is compiled,
the binary is code that can be only read by machine, and once
compiled, one can not get the source code in C from compiled code.

So, Variant can occur.
1)origianl writer, who has source code, can tweak some source code,
and recompile to release. then it's a variant.
2)source code is public. Agobot source code is made public, and many
underground community share code. Since the source code is public,
many people can tweak the source code to make a variant.
3)worm contruction kit is also made public. for example, Spybot
contruction kit is public in underground community. with the kit that
has Graphic User Interface, it has become so easy that almost anyone
can make a worm.