1986：

这一年第一个计算机病毒面世，它感染引导区，由名叫Basit和Amjad两个人编写。

他们给这个程序命名“病毒”是因为它可以感染别的计算机和磁盘！这个病毒并没有名字，它也不传染，且只能感染360KB的软盘！

同时一个叫Ralf Burger的程序员制作了第一个文件感染病毒，他把他这个程序命名为VIRDEM！这个病毒可以感染当前目录下所有的COM文件。Burger写了一本关于计算机病毒的书，因为这很多人开始编写像VIRDEM的病毒。

1987：

在1987年著名的引导区病毒”Brain”产生了，如果从一个感染的磁盘启动，你就会看到“(c)Brain”这个标记！Brain感染所有的磁盘，不仅仅是360KB的磁盘，因此Brain可以在全世界很多的情况下被发现。

同时在这一年另外一个病毒被写了出来，”Lehign”病毒。它是一个非常不成功的病毒，因为它只可以感染COMMAND.COM

Vienna病毒在澳大利亚传播，它是一个普通的.COM感染病毒。

在以色列，另外一个程序员开始写病毒，它最先命名Shriv-01.它是一个常驻内存的病毒，并且可以感染所有的.COM文件。这是一个更好的策略跟那些像Vienna非常驻的病毒比起来，他的第二个病毒叫着Suriv-02.这个第一个感染.EXE文件的病毒。Suriv-03是他的第三个病毒，它是一个常驻的可以感染.EXE和.COM的病毒，这个病毒又被反病毒程序叫着”JERUSALEM”。

在惠灵顿大学一个学生制作了 Stoned病毒，它可以感染引导区和硬盘。

1988：

在那一年，很多程序员开始去写病毒。

最著名的病毒是”VIRUS-B”. 它感染当前目录下的所有的.COM文件。

1989：

Datacrime病毒被写出来，他是一个像Burger病毒一样被重写的程序，但是他可以摧毁感染计算机上的所有的文件。

IBM制作了第一个反病毒程序。

1990：

在保加利亚第一个Virus Groub被发现，它被命名为BBS。

这个病毒变得很复杂，因此AV（反病毒）必须做很多的工作去分析和理解这些程序。

在1990年末一些AVs发现EICARGroup，因为他们知道，他们必须联合起来。

1991：

在这一年的开始只有将近250只能怪病毒，但是到了12月的时候AVs找到1100种左右病毒。

Tequila是第一个完全多行的病毒，它是在瑞士被写出来并且得到了广泛的传播，这个病毒也使用了完全隐身技术。到这一年末，出现了很多多行的病毒，那就意味着反病毒研究者需要做更多的工作，因为他们需要更深入的分析。

一个叫Dark Avenger的病毒编写者编写了一个多行的病毒，这个病毒有将近4000000000种不同的形式

1992：

1992年一月来自DarkAvenger的SelfMutating Engine（MtE，自动变异引擎）出现了，如果那个程序被包含在一个正常的病毒源代码里面，这个病毒就变成了完全多形的。

另外一个受欢迎的病毒是STARSHIP，他是一个多形的病毒，它使用了一些反调试的棋牌哦！它仅感染复制进软盘的文件，因反病毒程序的校验和。

1992年最大的事是Michaelangelo，它在3月6号向5000-10000台电脑摊牌（showdown）。

在8月第一个病毒生成器被开发出来，开始是VCL(VirusCreation Laboratory)，然后是DarkAngel的Phalcom/SkismMass-Produced Code Generator. 将近30种的这种病毒开始传播。

1993：

一个新的VX团队被发现在荷兰：Trident。这个团队开发了另外一个多形的引擎叫做GIRAFE。这让分析和侦测这病毒和去避免误报变得更加困难。

同样NED团队开发了一个叫Itshard的多形的引擎，它比MtE更加有欺骗性。

Dark Angel写了他的多形引擎DAME（DarkAngel’s Muliple Encrytor）.它并没有像MtE一样成功，因为它在每个DAME病毒里面都写在同一行。

1986:

The firstcomputervirus was written. It was a bootsector-Infector and wereprogramed by two men named Basit and Amjad.

They namedthere program "virus" because it was able to infect other computersand disks! This virus hadn't a name and it

didn't becomespread. The virus only infected 360 kb flobby disks!

Meanwhile aprogrammer named Ralf Burger made the first file infection virus.He named his "program" VIRDEM!

This virus wasable to infect all COM files in the current dir. Burger wrote abook about computer viruses, because of this

many peopleprogramed viruses like the first "burger"-virus!

1987:

In 1987 thefamouse bootsector virus "Brain" became programed! If start from ainfected disk, you will see the label "(c) Brain"!

Brain infectedall disk, not only 360kb disks, so brain could be found in the mostcases in the world.

In that year aother virus was written, the "Lehigh"-virus. It was a veryunsuccessfully virus, because it infected only theCOMMAND.COM.

The Viennavirus spreded in Austria. It was a normal .COM infectionvirus.

In Israel,another programmer begun to write virus. His first named Suriv-01.It was a memory resident virus and was able to infect all .COMfiles.

It was a muchbetter strategy than than a non-resident virus likevienna.

His secondvirus named Suriv-02. This was the first .EXE infectionvirus.

Suriv-03 washis third virus. It was a resident .EXE and .COM infector. Thisvirus is named "JERUSALEM" from AV programs.

In theUniversity of Wellington a student made the "Stoned"-virus! Itinfected the bootsector of disks and hard disks!

1988:

In that year,many programmer begun to write viruses.

The mostfamouse virus was the "VIRUS-B". It infected every .COM file in thecurrent dir!

1989:

"Datacrime"-virus was written. It was a overwritingfile-virus like the "burger"-viruses. but it destroyed the wholefiles on the infect computer.

IBM made thefirst Anti Virus program.

1990:

In Bulgarianthe first Virus Groub was found and it named BBS.

The virusesbecame very complex, so the AVs had much work to analyz andunderstand these programs!

In the end of1990 the some AVs found the EICAR group, because they know, theyhad to organize!

1991:

In thebeginnig of that year there were about 250 viruses, but by December1991 the AVs were counting about 1100 viruses.

"Tequila" wasthe first full polymorph virus. It was written is Swizerland and itwas very widespreaded! This virus also used full stealthtechnique.

By the end ofthat year there were a few dozen of polymoprph viruses, that meantmuch work for the Anti Virus Researcher, because they need a deeperanalyz.

A Virusprogrammer named Dark Avenger coded a polymorph virus, which hadabout 4.000.000.000 different  form.

1992:

January 1992saw the Self Mutating Engine (MtE) from Dark Avenger. If thatprogram was included into a normal Virus Sourec Code, the virusbecame totally polymorph.

An otherpopulary virus at that time was "STARSHIP". It was a polymorphvirus, which used some anti-debugging tricks! Starship infectedonly files, which was copied to a floppy disk, because of theChecksumming from AV-programs.

The greatestevent in 1992 was "Michelangelo". It showdown about 5.000-10.000computers on March the 6th.

In August thefirst serious virus generator was developed. First the VCL (VirusCreation Laboratory), than Dark ANgel's Phalcom/Skism Mass-ProducedCode Generator. Nearly 30 of this viruses becomespreaded.

1993:

A new VX-groubwas founded in Holland: Trident. This group developed an otherpolymorph  Engine named GIRAFE. It was much harderto analyz and to detect that viruses and to avoid fals alarmingon.

Also the NEDgroup developed a Polymorph Engine named "Itshard". It was moretricky than the MtE.

Dark Angelcoded his polymorph Engline DAME (Dark ANgel's Muliple Encrytor).It was not as successful as MtE, because it wrote the same line inevery DAME-virus.

I hope you hadfun by reading this...

greets,

SeCoNd PaRt ToHeLl

spth@jet2web.cc

www.spth.de.vu