When DBase is executed, it checks if it is already in memory, and if not, becomes resident. It infects .com and .ovl files.
When a .dbf file (the main file format of the dBase database management system) is written to while the virus is in memory, the information sent to the file will be garbled. When the file is loaded, the virus will show the file as if it were normal. If the virus is removed after the files have been garbled, they will be permenantly garbled. It may do this to other files whose name ends in .dbf, regardless of whether or not they belong to the dBase program.
The virus creates a file named bugs.dat in any directory where .dbf files are stored. This file keeps track of what files were corrupted and what they were corrupted with. When this file has not been written to for 90 days, the virus overwrites the file allocation table and root directory of drives D: to Z:. This section of the virus's code is buggy, and may not
In addition to the damage to .dbf files, programs larger than 63,415 bytes will no longer be loadable.
DBase gets its name from the dBase database management program, as it corrupts the .dbf files this program uses as its default file format. This is in violation of the CARO naming scheme, which prohibits the use of a legitimate product's name for the name of a virus, but this virus predates the CARO naming scheme. Nearly all antivirus products use the name DBase as the detection name in their products, the only differences being with regard to capitalising the letters "D" and "B" in the name.
Thomas Lippke, University of Hamburg, Virus Test Center. Reports collected and collated by PC-Virus Index, "dBase" Virus. 1990.02.15
Trend Micro, DBASE.
F-Secure Antivirus, dBASE.
Fridrik Skulason. VIRUS-L Digest, Volume 2 : Issue 234. 1989.11.07
McAfee Antivirus, dBASE.