HatiHati is an alias for a legitimate anti-theft application which suffers from two bugs in the 0.95 beta version of its code, causing worm-like behavior on devices running Symbian Series 60 Second Edition and older. An unauthorized, repackaged version of this flawed version also exists.
CAUTION This method will remove all data on the device, including calendar and phone numbers.
A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:
Check for the latest database updates
First check if your F-Secure security program is using the latest detection database updates, then try scanning the file again.
Submit a sample
After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.
NOTE If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.
Exclude a file from further scanning
If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.
Note You need administrative rights to change the settings.
The anti-theft application was originally designed to send an SMS alert when it detects a change in the device's SIM card. If the device's MMC card is transferred to a new device however, the first bug in the code causes the application to copy itself onto the new device.
Once installed on the new device, the application considers the SIM card to be changed; the second bug then causes it to send a large number SMS messages to a predefined number, usually +3396003964. This may result in significant financial costs.
Detection of the 0.95 beta version of HatiHati was added to F-Secure Mobile Anti-Virus at the request of the original software author.