The Dual_GTM virus is in the wild and has been reported in France during May 1995. It is memory resident COM and EXE file infector. Programs are infected when they are executed.
Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.
A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:
Check for the latest database updates
First check if your F-Secure security program is using the latest updates, then try scanning the file again.
Submit a sample
After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.
Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.
Exclude a file from further scanning
If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.
Note: You need administrative rights to change the settings.
Dual_GTM avoids infecting EXE files whose name begin with SCAN, CLEA and QBAS. It's COM infection routine is buggy and multiple infections of the same COM file are possible.
The code of the virus presents some irritating characteristics - the virus tries to avoid heuristic scanners by doing it's things in non-obvious way. For example, when it wants to move value 4200 to a register, it will first move 4201 and then decrease the value of the register by one.
The virus activates on the 20th of March if the year is greater than 1993. At this time the virus beeps and displays slowly the text: "Beware of the BUG !!!". After this the virus hangs the machine. Otherwise the activation routine is harmless; Dual_GTM's main danger lies in its buggy infection routine that can corrupt the files it infects.
Do note that since member of the Dual_GTM family corrupt some EXE files while infecting them, these files will not work correctly even after they have been disinfected.