UMIDIGI COMMUNITY
Title: Installation from unknown sources, riskware [Print this page]
Author: goldyau Time: 2017-1-12 19:36
Title: Installation from unknown sources, riskware
Hi there!
my UMI Diamond arrived two weeks before the end of the last year and it was two great weeks.
But on 2nd January I saw that there is some application My apps installed over night...that was really strange and I uninstalled it first thing after I woke up. Also I saw that installation from unknown sources is on, which was off when I got the phone. I disabled it.
....and two days later, two apps were installed over night! and instal. from unknown sources again on!
After this I installed antivirus and antimalware from google play and they found nothing. But after day or two, there was a notification from antivirus, that there is riskware application (again My Apps), but it did not prevent it from (installation,) starting. I uninstalled it again.
After this, I deleted phone data, reset it to factory and flash last version of ROM.
Now, I am using phone for two days again, connected it to internet, gmail etc. another antivirus program that I installed warned me about enabled installation from unknown sources! two times in 24 hours it was enabled by something in the phone, but no app installed on themselves yet.
I will try deleting ROM totally and flashing after that again, but I really do not like this self installation of programs as it looks like it is part of official ROM...
Author: MarcinP Time: 2017-1-14 05:33
Do you have sd card installed?
Author: goldyau Time: 2017-1-15 00:13
No, sd card is not installed.
And after last flash, two times a day is the setting for unknown sources installation changed by itself. None apps installed yet on their own, but I cannot use the phone normal way 
Author: bencebacsi Time: 2017-1-15 08:23
Dear goldyau,
That setting never changes just by itself and until now nobody else has reported a such issue. It's probably caused by a third party app with permission to modify the system settings. Please go to 'Settings --> Apps --> tap the cog at the upper right corner --> Modify system settings', and disable the setting at each suspicious app. Since I don't know what apps are installed on your phone, I don't know which one can be suspicious. I cannot reproduce your issue either.
Author: goldyau Time: 2017-1-15 17:36
That is the strange thing...After last flash I installed only Eset and Malwarebytes. Nothing more. And even before, when it started, I've had installed apps that I also have on my other phone and no issues there.
After last flash I turned off modifying system setting even for some default apps. Nothing seems to help.
Today I will try flashing an older version of system. And also I will disable modifying of system settings for every app that is there (except system ones) and we will see.
Author: iamthecustomer Time: 2017-1-16 03:37
Hereby I report the very same issue.
Screenshot in the attachment. What is that system component service???
Author: iamthecustomer Time: 2017-1-16 03:38
Now it has no access to system settings, but the original setting was 'Yes'.
Author: bencebacsi Time: 2017-1-16 09:26
That's the FactoryTest app, which is a system app used by the EngineerMode and in some versions it simply doesn't have an English name. Your post seems to be off topic here.
Author: JoeF Time: 2017-1-16 19:32
Same issue, Allow installation of apps from unknown sources keeps activating on its own set anti virus to pin code changes to settings, it notifies me of the change after it happens but then I have to enter a pin to access setup to turn it off again.
Author: Preppernau Time: 2017-1-16 19:36
Well, the same issue here...
I have ordered the phone from Banggood, it was shipped with some suspicious-looking preinstalled apps. I have uninstalled all of them, but they (or other apps, like "My Apps") magically (re)appeared again after a day or two. Furthermore, the phone switched on the mobile data every night for a short period of time. Furthermore the "installation from unknown sources" setting was modified from Off to On a number of times (I switched it off and the next day it was on again).
After a week I made a factory reset, flashed the official ROM and clear all the caches. Since then I have no problem with the phone - touch wood... The official ROM seems to be (almost?) pure Android, with no suspicious preinstalled apps. So maybe it was just some foul play by the Banggood store and not by the UMI company. I certaninly hope so, because the phone is pretty good for the price, and now I am thinking of ordering the new UMI Z - but definetely not from Banggood...
Author: iamthecustomer Time: 2017-1-16 21:39
I don't think it's off-topic, since I reported the same behavior of unkown sources switch and magically re-appearing "My Apps" app on the phone. I posted in addition the screenshot of the app with access to system settings and the non-English name because I tought it was related to the topic of this thread.
It's an issue. I bought a phone with some malware preinstalled on it, from a contracted and advertised retailer of UMI. I think it should be investigated.
Author: Ziggy Time: 2017-1-16 23:32
If anyone is intrested, i made a debloated/rooted Version of the Umi V7 Version. Deleted anything that not seemed to be stock.
Its still WIP but seems to work stable but should only be tested by ppl. who know what they are doing and already have
TWRP installed on the Phone. Comes with a little ReadMe with instructions, later i am planing on a bigger Instruction
where also the installation of TWRP is covered
I am not sure if its allowed to post a link here so if you are intrested in testing leave me a message.
Sorry for my bad english i am not a native speaker but i think its understoodable ;)
Author: antrenan Time: 2017-1-18 21:06
guys,
I also have the same problem, the system automatically releases the installation of unknown sources, as well as install applications automatically. I've already done hard reset and still, it persists.
Author: pdj Time: 2017-1-20 17:49
Same problem. PLEASE SOLVE IT. For the 3st time in 3 weeks keep on do that: the system automatically releases the installation of unknown sources, as well as install applications automaticall. The app looks like Shazam app but is like a luncher that overwrithe the original luncher and add ADV, can look at what u search and u type. SO IS NOT POSSIBLE FOR AN INTERNATIONAL FACTORY LIKE UMI DIGI. So please solve it. Make an OTA update quckly. Bought it on e-fox shop. also have the last ota update installed. Thanks.
Author: garbageman5000 Time: 2017-1-21 04:05
Hello, i had the exact same problem.. looked through the internet and found a solution
the second app is called Wireless Update or something, i couldnt install any apps because it drew an invisible overlay around my screen!!!!!! ridiculous! come on UMI 
Author: iamthecustomer Time: 2017-1-22 19:17
Now it seems obvious that UMI pre-installs malware / spyware with official ROM. That's even more scandalous!
@bencebacsi: What's your comment on these?
Author: MarcinP Time: 2017-1-22 22:14
This is common problem if you install any spyware or antivirus app. Some developers making apps very sensitive to be getting more money of users paying for full app version. There is no other explanation as how wireless update could contents spyware or virus. This app need access to Internet and you can't do nothing about.
You can always come back to previous ROM and check are some apps still installing it self.
Then perform factory reset and remove sd card in case you have some virus on sd card and test phone.
Author: goldyau Time: 2017-1-23 15:57
So, after my last flash (clear phone, no SIM or SD card inside) until I connected to Wifi, everything was fine - no changes in setting of installation from unknown sources. But as soon as I connected to wifi network setting was turned on! and since then it turns itself on about two times a day.
I tried stopping and taking privileges from Wireless update with no change at all, so it is not the problem...
UMI, please solve this, the phone is useless for me with this bug!
Author: bencebacsi Time: 2017-1-24 02:21
I can confirm the bug of re-enabling unknown resources. It will be fixed in a later update. However, that's all. No apps get installed from out of nowhere. The AdupsFota.apk is the OTA updater app and it draws nothing on the screen. That base.apk is installed by the Windows Rootjoy application (via adb connection) and that contains root tools only. No one of them are viruses or any kind of malewares and anyway Rootjoy is not compatible with UMi Diamond, so you don't need it.
Author: goldyau Time: 2017-1-24 15:12
Great! Thank you for good news! (it is possible that as phone was vulnerable something just infected the phone...)
Can't wait!
Can you get us some estimation of a release date?
Author: pdj Time: 2017-1-24 21:05
I'm Sorry but i repeat for the second time. You say that a bug enable the unknow source. So 3 times in 2 weeks a software from unknow source automatically installed on my diamond and also into my friend's London. Same kind of app: luncher that display adv. And also get automatically all the permiss to contats, input type.. so.. i think is necessary anche OTA update as soon as possible.. but in 1 week. Also i think this was the last umi i'll buy. Thanks but it's so ridiculous. You say that u have not a bug. Then After other 10 messeges from the user: ya week have a bug. Ok... So now i say u that the bug is not only in that system settimana that enable installation from unknow source. I have more great problem. So don't minimize. Thanks u.
Author: Dirtyharry Time: 2017-1-24 22:09
Hi Guys,
Same problem here. I seems the malware is hiding in the System-UI file. Only 360 Security seems to detect the trojan.
I've Flashed the rom with Stock ROM. But the trojan is in the offical stock rom.
Author: Dirtyharry Time: 2017-1-24 22:18
PS: This trojan is not found on the new UMI Flagship. I can only assume its only on the UMI Diamond that has this problem
Author: Ziggy Time: 2017-1-25 03:39
I am not sure if its not an false positive match ... if it is an trojan its in an file "spende.zip" in the assets directory of the apk file .. would be nice if someone from umi answers this ASAP!
Author: MarcinP Time: 2017-1-25 04:44
You have answered on page number 2
Author: Ziggy Time: 2017-1-25 06:49
Where on page 2 ? The "Trojan" is in the SystemUI.apk, shipped with the ROM. You can extract it from the system.img file in the Rom downloadable here in the Forum, you not even need to install the rom or need to start the phone to find it. So its delivered with the rom and does not come from any other apps!
Just take a look at the File .. inside is an directory called assets and in there a file called spende.zip.
Virustotal Results : https://virustotal.com/de/file/5 ... nalysis/1485297921/
Author: MarcinP Time: 2017-1-25 06:54
Post 17 and 19.
So far there is no other explanation.
Author: Ziggy Time: 2017-1-25 07:07
Well thats a good point, thats why i said it might be a false positive ;)! But you also need to understand us when our phones behave like they have a life on their own 
I for myself could not find out what the file does, its no known fileformat and 100% no zipfile and that makes people wonder again why its called like a zipfile and isnt one. And then the point that the name "spende" means in my language something like "donation" made it even a little suspicous, i think i overreacted a little to this.
Author: klausmuster Time: 2017-1-25 16:10
Edited by klausmuster at 2017-1-25 16:35 \n\nFirst: Sorry for my bad Englisch.
Here is a solution for all (not just UMI's) that have this problem.
Basically: Why UMI built this "door", I can not say - but is with some Chinaphones so and annoying in any case. The responsible Trojan sits in the SystemUI, which is responsible for the softkeys and notification bar (also already in the original Rome from the UMI homepage), there is no CostumRom for the Diamond and I have found no way to eliminate this Trojan. But the following "trick" has at least rest. We use the shell command, which turns off the installation of unknown sources.
1. The mobile phone needs root (is for the UMI with TWRP quite simply).
2. You need the app "Tasker" (2.99 € in the store)
3. Now create a profile - preferably via "Status" - "Display Status" - "On"
4. Create a "Task" - "Code" - "Enable Shell"
5. Enter the following line at the top line: settings put secure install_non_market_apps 0
6. Set the hook in the "root" field
Done!
Effect:
Each time the screen is displayed, the switch is set to "OFF" under "Safety" - "Unknown sources" (whether it is ON or OFF!). Can also be tested: Switch ON - Screen off - Screen ON - Switch is again OFF.
So you should be relatively certain that no malware is installed.
LG
Author: goldyau Time: 2017-1-25 18:27
Thank you for this manual! Unfortunately I don't want to root the phone, so I hope that new ROM will be soon finished and all the problems will be gone...
Also this script could not be enough, when you let the phone sit during the night on the table. It would have to be done every two hours maybe or something like that... But partially it could help.
Author: pdj Time: 2017-1-25 18:55
Don't want to root my phone. I want Quick OTA update to solve It. "It's Just a bug in a flag". Same problem in Umi London.
Author: Dirtyharry Time: 2017-1-26 00:59
Ive installed ESET mobile from the appstore. Eset lets me know when the "unknown source" has been switch to yes. Then i turn it off manually.
Also ive set the systemui "can modify system setting" to NO .(Setting/app/modify setting + show system apps)
I not yet had a new app installing themself. But do have to turn off unknown sources sometimes
Author: goldyau Time: 2017-1-26 14:09
I used Eset also, but as you said, it will just warn me about the change in the settings and I am tired of turning it of two times a day minimally...
Taking the privilage of modifying system setting from systemUI is not changing anything, at least regarding the switch for instalation from unknown sources.
We need cure for the problem itself (new rom from UMI), any other fixes are just not taking care of the root cause and they are only putting hurdles in its way (malicius functioning)...
Author: Dirtyharry Time: 2017-1-26 16:32
I totally agree with you, its a temporary measure. The cause must ultimately be resolved.
Annoying that the malware sneaked into the stock software. But it seems to me that this is not a diffilcult problem for UMI to resolve. Its just a matter on how important they think it is. 
Really pity. The device itself works amazingly well for the money
Author: goldyau Time: 2017-1-26 18:24
Exactly. I was suprised with the phone as I did not expected much from it.
Hopefully it wont take them long and soon we will be able to use the phone normally with peace of our minds
Author: horeee Time: 2017-1-26 19:43
I'm struggeling with the same issue:
I have to turn out the setting "install from unknown sources" every day, becoue it's turning back on by itself.
I've ordered the phone from Gearbest, before xmas.
I've installed all the updates from OTA, and uninstalled some pre-installed apps, that I don't need.
No SD card, no 3rd party apps installed, i've already done a factory reset too, but the issue is still present.
When i forget to turn this setting off, the next morning i've some (1 or 2) unwanted apps automatically installed to the phone. I can uninstall these apps, but that's not a solution...
I've tried to disable the OTA app too, but the issue still persists.
I'm waiting for the real solution. I cannot solve it by myself, the problem is in the stock ROM.
Author: HonkyTonky Time: 2017-1-27 02:25
Hello guys,
my Diamond is having the same bug/trojan whatever the problem cause, I red about this problem when the phone was on the way to me, could not believe realy, so when i got it, i check all the time this button,
first time it switch ON after first OTA update, I turned off, then I made the second OTA update, and it was ON AGAIN, so turned off again. I installed direectly some antivir-stuff what nothing found, I blocked the system-adjustments by password, for nearly five days nothing happend, but yesterday suddenly was back ON AGAIN, It doesent seam that something was installed, but who nows? I am quite pissed about this behaviour, Sorry UMI but like that you wont have a lot of succes here in europe, WE WANT UPDATE NOW, I give you max 1 week to solve this, otherwise I am going to make big case here. first I wil start with a very clearly reputation on amazon, where I bought this.
greetings to all who have the same problem
Author: Ziggy Time: 2017-1-27 02:39
Yes we realy need an Update quickly! Seems you realy can hunt it down to the SystemUI.apk in this ROM. When i block it from Internet Access via iptables, the flag keeps off. As soon as it gets access to internet it comes back on. Honestly i dont believe in a bug anymore but think its a wanted behavior to control the phone.
Author: Dirtyharry Time: 2017-1-27 04:32
Forgot to mention earlier post. The standard browser app asking way to much permission and system rights. I've removed all rights and stopped using it. (Use chrome now).
I haven't had a selfinstalling app since. 
Author: MarcinP Time: 2017-1-27 04:48
Quick respond. Hmmmmmm
Sorry guys but this is impossible as China has 10 days holidays.
Author: Ziggy Time: 2017-1-27 07:48
Here i am again .. and i am more pissed than before to say it honestly!
Yes i know there is Chinese New Year but soon after this we have to hear something positive.
Here is the latest analysis i did :
Got into the phone with adb shell when the phone was booted and found the spende.zip in an unencrypted Version laying in
/data/data.com.android.systemui
.. copied it to the external sd-card and this time i could open it .. its an apk compressed with zip as all apk.
Uploaded it in this state to Virustotal.com again :
Thats the results :
https://virustotal.com/en/file/c ... nalysis/1485473420/
29/57 Scanners detect it as Trojan now not only one!
This File is not an false positive its an Trojan and its no bug! That nasty little thing is knowingly packed into the SystemUI.apk by UMI and thats a scandal!
Honestly i dont care if they have holidays or if the easter bunny is mating with bugs bunny that device is infected with a Trojan and i dont believe by an error thats knowingly done by Umi!
I will investigate deeper what it does and let anyone know if know more!
Author: Dirtyharry Time: 2017-1-27 18:18
Interesting find mate, thnx!
The developer sure made an effort to include this trojan. Maybe its UMI, but i guess they bought the customized os from a other party they makes these custom OS file. There are allot of cases known where the chinese low budget devices contains malware.
Does anyone know if its possible to edit the IMG file from the ROM and replace the system-ui.apk file with the system-ui file form other UMI model like Diamond x or Super? or is more complex then that?
Author: iamthecustomer Time: 2017-1-28 19:56
- That's what I wrote pages before: the presence of this malware is a shame.
- I don't care if it wasn't a UMI engineer who compiled it into the official ROM or another one from a 3rd party, UMI was responsible in general for the quality of their products.
- It may sound like a conspiration theory, but the nasty behavior of the low budget Chinese phones is well known. The worst is their reaction: first they try to understate the problem and give you some studip answers. Later on they just keep in silence.
- All these make me believe that this issue is not a coincidence.
Author: Ziggy Time: 2017-1-28 22:48
Yep have seen that in the Umi London Thread, first they tell lies about its not their fault then they say nothing more. The same Trojan is in the Umi Diamond X too, had a look in the Rom just for fun.
I truely believe they compiled that in on purpose, i for myself will never buy anything from this company again as its fraud what they do!
Herewith i give Umi a suitable period of time until 15.02.2017 to deliver a Trojan/Virus free Version of the ROM or i will show that issue to any consumer magazine in germany that i can find, tv and print, to warn other customers that Umi is a company that should not be trusted!
Author: garbageman5000 Time: 2017-1-29 09:55
do you guys have list of the apps which get installed? i know i got My Apps and Super Locker, but also few others can't remember anymore... maybe its a good idea to make a list and contact developers as these apps are available on play store? maybe they know something?
Author: horeee Time: 2017-1-31 03:15
There are some more weird things with this phone.
I have turned off the OTA application, when I realized, that it contains malware.
Afer a week or so, the OTA app is allowed to run.
I didn't turned it on, so not just the "unknown sources" lives an own life, but the OTA app too.
It's impossible to disable... What a shame...
Author: FilSan Time: 2017-1-31 05:59
Edited by FilSan at 2017-2-13 03:06 \n\nI also have this problem. When I did the factory reset the APP wasn’t there and, for the record, I didn’t installed anything out of Google Play Store, the APP appears as
BaBel Font - Free Font Manager
It just suddenly appears out of nowhere like it was installed through the Play Store and the “developers” are saying that "If BaBel Font has been installed without any download from Google Play--It’s pre-installed in system by the manufacturer" Since I didn't installed and I don't have the option to uninstall it means that it came from the manufacturer. But it is strange because any APP from the manufacturer that is not from the system can be disabled and this one doesn’t allow that just “updates”.
I almost belevied in that but then I went to see the necessary permissions for the app and it asks access to everythingt that you could think about like the ability to search through your contacts, disable your locked screen, send SMS and make calls. When I saw this I noticed that this APP didn’t appear in the Installed APPs of Play Store but only in All Apps and didn’t appear in the APPs of the phone, I couldn’t find it anywhere in the system option APPS it seems camouflaged and it only appears after the option to allow installion from unknown sources is toogled on which I didn't do it, I toogled it off.
This isn't a simple glitch but a secutiry problem.
Author: horeee Time: 2017-2-7 06:16
We are still waiting.
Where is our new and clean Firmware?
No answer? It wasn't an accident then? 
Author: bencebacsi Time: 2017-2-8 09:06
1. Don't mix up an app called Systeem-UI (with double 'e' in the filename) with SystemUI. An app called Systeem-UI is not contained by the system.
2. I extracted the whole content of the ROM and scanned for viruses (42,198 files) but nothing was found. About the spende.zip file: that's also virus free but sorry, I don't know the types and functions of all the 42,198 files. The spende.zip file doesn't have an identifiable header.
3. My UMi Diamond is continuously turned on and connected to the internet via WiFi connection but any kind of third party app has never got installed from out of nowhere.
Possible reasons:
That's confirmed, the 'Unknown resources' switch turns on automatically after a while. If you install unreliable apps on your phone, this case can hide a vulnerability since later a such app will be able to install further apps without asking for your permission.
So please be careful until the next update will fix this issue but anyway you still can use your phone with confidence.
Author: Ziggy Time: 2017-2-8 16:31
You are not telling the truth! I dont mix up the file, i am speaking off SystemUI.apk and that apk contains the virus/malware in an encrypted archiv called spende.zip. When you boot up the phone its encrypted by the system and laying then in /data/data/com.android.systemui/files in its unencryptedversion on the phone! Copy it from there and you clearly see its and zip archive / apk then. Scan that file for virus you get 29 hits from virustotal.com. also i decompiled that file and it contains some intresting code. I know Umi pays your bills but please dont try to make us look like idiots the file is there anyone with root can copy it from his phone and look at it
Author: pdj Time: 2017-2-8 19:09
Time goes by... So slowly. For those Who whait for umi ota update to fix that problem. Sorry but we're not feel so secure as umi say. I don't use that Phone with confidence. I Will not use my brand new diamond until u Will release new OTA update to fix bug and or solve maleware that autoinstall and show aggressive adv as you can see on the follow images.
Author: pdj Time: 2017-2-8 19:09
http://imgur.com/IucMI1F
Author: pdj Time: 2017-2-8 19:12
http://imgur.com/7dSvwGS
Author: HonkyTonky Time: 2017-2-9 04:00
Hello Guys, was nice to meet you, I ll go to say goodbye, because I gave back this phone, was quite good part, but with these strange stuff inside is not acceptable for me, I dont think they are going to change this, sorry but my trust in UMI is broken. Changed again for HUAWEI having now HONOR 6x, was 100€ more but I feel a lot saver, quality is lot better.
hasta la vista UMI this is not the way for treating clients, never again!!!!!!!!!!!!!!!!!!!
Author: martin9999 Time: 2017-2-10 01:43
Umi Diamond X unfortunately contains also this Trojan-file
root@UMI_Diamond_X:/data/data/com.android.systemui # ls -l /data/data/com.android.systemui/files
-rw------- u0_a24 u0_a24 635711 2017-01-30 19:21 Assistant.jar
-rw------- u0_a24 u0_a24 36 2017-01-25 18:57 TAPPED
-rw------- u0_a24 u0_a24 40960 2017-02-09 17:43 TDtcagent.db
-rw------- u0_a24 u0_a24 16928 2017-02-09 17:43 TDtcagent.db-journal
-rw------- u0_a24 u0_a24 674 2017-01-30 19:39 location_public_key.der
-rw-r--r-- u0_a24 u0_a24 778672 2017-02-07 14:42 spende.dex
-rw------- u0_a24 u0_a24 167487 2017-01-25 18:52 spende.zip
-rw------- u0_a24 u0_a24 0 2017-01-30 19:21 td.lock
-rw------- u0_a24 u0_a24 0 2017-01-30 19:21 tdlock.txt
Author: martin9999 Time: 2017-2-10 01:53
I have ordered this phone UMI Diamond X from german Amazon. I have 30 days time to send it back. I hope in between will umi create a repaired Firmware. If this is not done, i will send the phone back a i will write bad recension.
Author: cf5214 Time: 2017-2-11 21:22
Hi,
I also have the same issue. I have an UMI Diamond phone (Android 6.0). I have the Malwarebytes app installed. And when I open the app it notifies me that there is a security issue with 'Installing apps from unknown sources'. So, I go to Settings, Security and switch 'Unknown sources - Allow installation of apps from unknown sources' to NO, and the problem is temporarily fixed. However, it keeps switching back to YES because when I open Malwarebytes a day or two later (sometimes the same day), I am again notified that there is a security risk with 'Installing apps from unknown sources'. This is because it has automatically switched back to YES.
Author: bencebacsi Time: 2017-2-12 09:10
All of you who have this issue, please go the 'Settings --> Apps --> tap the cog at the top right corner --> Draw over other apps' and check whether you find an unknown app there. If yes, please let me know which one is that. Despite that, my UMi Diamond has been all time turned on with a living internet connection for weeks already, any apps have never get installed automatically and I don't get such pop-up ads. I also have a friend who uses a Diamond as a daily driver without any of such issues. I can confirm only the issue of the automatically enabling 'unknown resources'. We are waiting for the update to be released, it's in progress.
Author: martec Time: 2017-2-12 14:24
new update will release too to Diamond X ?
because i have same issue in Diamond X.
Author: FilSan Time: 2017-2-12 23:16
Updated my comment with the app that appears after the phone toggled on the option to allow unknown sources by it self
Author: bencebacsi Time: 2017-2-13 10:19
Do you have or have you ever had USB debugging enabled on your phone? That BaBel Font app or anything that could install it is not present in the stock system but if both USB debugging and unknown resources are enabled, you can get such apps through your computer when you connect your phone.
Author: pdj Time: 2017-2-13 17:51
BaBel font came with my umi diamond. I say that because that app is a system app that is not possibile to uninstall. I Neverland activate USB debugging and also Never connect diamond ti anything esle then his ac adapter ti charge. Umi we don't feel so secure . BaBel font as MyApps (whith Shazam icone) have all the permissions. Same problem with my friend's London. IF u Need i can send you some screenshot. Please realese OTA as soon as possible. Is a situation than go on from about 2 month. Same situation for my friend that have same chipset Low budget Phone Leagoo M5. Same processor and i think also same base firmware/software from mediatek. The same problem for the taggle auto on in unknow sources.
Author: Ziggy Time: 2017-2-13 19:44
Edited by Ziggy at 2017-2-13 19:45 \n\n
i beg to differ... That BaBel Font is called "LovelyFonts.apk" that is integrated in the StockRom ... integrated very deep if i may say cause its even called in the init.rc script in the boot.img. Was one of the things that i deleted first from the ROM
- #======================lovelyfonts start=======================
- import /init.lovelyfonts.rc
- #======================lovelyfonts end =======================
- init.lovelyfonts:
- #======================lovelyfonts start=======================
- #service fontd /system/bin/fontd --root_seclabel=u:r:su:s0
- # class main
- # socket fontd stream 0666 system system
- on post-fs-data
- mkdir /data/fonts 0777 system system
- mkdir /data/fonts/lovely 0777 system system
- restorecon /data/fonts
- restorecon /data/fonts/lovely
- #======================lovelyfonts end =======================
Author: FilSan Time: 2017-2-14 06:40
Edited by FilSan at 2017-2-14 06:46 \n\nDo you have or have you ever had USB debugging enabled on your phone? That BaBel Font app or anythi ...
Maybe something is lost in translation since english is not my mother language so let me be clear about my use of my UMI Diamond
Never ever I enabled the installation of unknown sources
Never ever I installed anything that is not of the Play Store
Never ever I enabled usb debug.
Never ever I had this app.
Never ever my UMI was plugged in any device, only to the power plug.
This app appears by itself after your bug of auto enabling installion of unknown sources.
Just for the record I always but always do manual installation of app by app after I do a factory reset, not only with UMI but also with my previous phone. So I always know all of my apps that I have installed and what is there and not.
After factory reset this APP doesn't appear in my list of app in play store. Again it only appears after your bug of auto enabling. And they say that if it wasn't installed that is because was the manufacturer that installed I copied paste that info from the app and if you search for the app you will see that exact statement.
You can say that I did something with my phone but I didn't. I just turned on the phone, add my google account, installed my apps one by one. And on the next day I also received a warning from eset about the bug you already know and when I went to confirm my app list It was there.
Author: horeee Time: 2017-2-15 01:46
Agree...
This Babel Font app is installed on my phone too.
How did you unisntalled that?
It cannot be removed, or disabled, it's a protected part of the rom.
Do i need to root the phone to do that?
I never installed anything, just a pair of small apps from the playstore, and this app is not in the list of my apps. This was already on the phone when I bought it from Gearbest.
Author: lugau45 Time: 2017-2-15 02:23
I have the problem also at 2 Umi Diamont. Can it be that the apps install (advertising ...) when the Amazon Appshop is installed? I hope it comes soon the update because this condition is really bad
Author: FilSan Time: 2017-2-15 03:57
This is happening with new and out of the factory UMI, without installions of any app out of the play store and with the device never connected in any way with other devices.Well, at least this is my case.
Author: Ziggy Time: 2017-2-15 23:26
I uninstalled all the crap offline and made myself a new rom thats also rooted
Author: horeee Time: 2017-2-16 05:34
Can you explain this a bit more clean, or maybe share that cleaned rom?Just for the case, if the official rom is coming too late...
Author: Ziggy Time: 2017-2-16 06:03
Well thought i did that when i opend a new Thread in this subforum where i released the rom
But here is the link for those of you who might have missed it
http://community.umidigi.com/thread-6536-1-1.html
Author: martec Time: 2017-2-16 12:44
I found one way to avoid setting of unknown sources switching back to YES. I not have absolutly certain that will fix this issue, because i tested for only one day.
Steps:
Go to Settings > Apps
Click in Configure apps
Click in Modify system settings
Click in three dot button
Click in Show system
Find System UI in list
Click in System UI
Change Allow modify system settings to NO.
Of cource this not will remove malware software of this ROM, but for me this blocked to system automatically change unknown sources setting.
Author: lugau45 Time: 2017-2-16 15:29
Unfortunately, I can not find the settings. Where exactly is that supposed to be? Thank you for reply.
Author: martec Time: 2017-2-16 19:49
@lugau45
check video below
http://www.dailymotion.com/video/x5c2196
Author: lugau45 Time: 2017-2-17 02:09
Thank you for Video
Author: garbageman5000 Time: 2017-2-17 06:49
is anyone getting weird pages open in chrome? i have this problem
Author: lugau45 Time: 2017-2-17 15:43
@martec
Unfortunately the problem with the deactivate the right at system-ui is not solved
Author: FilSan Time: 2017-2-17 16:52
On my phone it was already set that way
Author: Dirtyharry Time: 2017-2-18 01:12
No, sorry mate. Not sure if that's related. I use chrome as well as main browser. Could be the result of opening unknown source and malware through infected websites
Author: Dirtyharry Time: 2017-2-18 01:13
I've suggested that solution also.but unfortunately it doesn't resolve the problem.
Author: horeee Time: 2017-2-21 05:20
And again:
One hour earlier, i've turned off the unknown sources, because it was on again.
And now, it's an app installed, and it's turned back on.
"my apps" is the displayed name, "com.vivi.document" is the path. And it has a permission for almost everything on the phone: read, write, WiFi, data, GPS, contacts, and even more...
No 3rd party soft installed, just the stock ones.
No root, no sd card, no usb debug, never plugged anything but the charger.
What is this, if not a virus from the UMI factory???
What is the official answer to this?
Where is a ROM which is clean?
This problem was reported more than 2 months ago, several times, and by several users.
What kint of support is this?
Author: pdj Time: 2017-2-21 13:17
Ya ya... Umi don't take care about this. After 3 months se keep on have trojan/malware/adv that i have not buy with the smartphone. I bought a smartphone "with the purity of Google Android 6" as everyone Can see in the product page of London / Diamond. 3 months that i have a brand new smartphone and i don't use It "with confidence". I cannot use It. Thanks Umi for the OTA releasing as quickly as we notice u the issue.
Author: aaantic Time: 2017-2-22 16:44
I have exactly the same issue.
bought two UMi Diamond phones.
After a week, both of 'em were with random pop-ups and stuff.
I've never connected these phones to PC.
Author: Igel Time: 2017-2-23 21:26
Hi,
I got the UMI Dianond in early January.
Here are my experience :
The first week everything seemed to be all right, then themselves and unasked there were installed three apps and the switch " unknown sources" had been switched on.
After that time my browser (Chrome) opened unasked when I switched on my handy and showed pages with games and the browser history was filled with links. This took about two weeks, then nothing happened for a while, only the switch " unknown sources" was switched on at least sometimes more than once a day. Yesterday, the phone suddenly started with a new launcher that had been installed unasked.
When we get the urgently needed update, UMI / bencebacsi?
Author: Igel Time: 2017-2-23 21:28
In addition, I found the folder "MiniAppstore", albeit empty. I have deleted it but it will be created again anytime.
Author: horeee Time: 2017-2-23 23:08
It's in progress... Since a month... LOL...
I think, UMI don't take care about his customers problem.
Next time we should buy some real phone, from a factory with real support, like Xiaomi.
I would say: no more UMI, not again...
This was the first, and the last. And it was a failure...
I didn't sent it back in time, because i thought, this can be easily reapired by a software update trough OTA.
How fool I was. In 2 months, there is no update... Shame...
Author: martin9999 Time: 2017-2-23 23:11
FYI - the Applications from Adups are also interesting
http://phandroid.com/2016/11/15/chinese-phones-spyware/
http://www.mirror.co.uk/tech/che ... tly-sending-9270924
Author: neil_pandb Time: 2017-2-24 16:37
Glad I've come across this post as I was going mad. Got the same problem on a Diamond X - all was fine for about 2 months and now the same issue as above. Had a number of Chinese phones in the past from other manufacturers and never had an issue. This needs sorting ASAP, or I'll be after a full refund and never using UMI again :-(
Author: martin9999 Time: 2017-3-1 00:22
After sending umi diamond back to Amazon, I have another china phone (THL T9 pro) now and after two weeks after installation suddenly begun similar problems - also installation of trojan backdoors. Therefore will I buy next a phone with an cyanogenmod rom.
Author: Dirtyharry Time: 2017-3-1 02:46
Edited by Dirtyharry at 2017-3-1 02:48 \n\n
(, Downloads: 417)
