Lot of the malware was preinstalled system apps which cannot be removed without root mode.
I’ve rooted using the CWM (ClockworkMod) method, installing the CWM recovery image then installing SuperSU. The KingRoot method should be easier but didn’t work for me.
Remove apps - Bloatware
I’ve used Titanium Backup because I wasn’t sure which app would break the phone if removed. I removed the following preinstalled apps (that I remember):
DU Batter Saver 3.9.9
DU Speed Booster 1.4.0
Mobile Assistant 3.0.4.0835
Power Manager 1.1.287.150113.c3631eb
User Experience 4.4.1
Remove apps – Malware that was display popup ads
The malware that was hijacking my browser was hidden in a modified YouTube app (this Android Adware was pretty hard to find). I simply uninstalled that using Titanium Backup and installed the correct YouTube app from the Play Store.
Remove apps – Virus and unofficial apps
The next step was to get rid of the virus, which was hidden in a modified Twitter app. The package name was com.twiter.android; see how it’s misspelled?
Unfortunately the infected Twitter app is a system app so cannot be uninstalled, but can be disabled. To do this, I connected the phone in USB debug mode to the computer and run an adb shell in root mode, and then disabled all unknown or unreliable packages:
pm disable com.twiter.android
pm disable com.skymobi.mopoplay.appstore
pm disable com.uc.browser.en
pm disable store.antivirus
pm disable com.cleanmaster.mguard_cn
pm disable com.android.dc
Things that cannot be uninstalled
I’ve tried to remove the SafeCenter as I have no idea what it does, but it removed the Apps menu from the System menu – so had to reinstall it. Luckily I made a backup with Titanium Backup before deleting it, so everything is back to normal.
Unfortunately the battery usage breakdown is either gone as well or was never installed in the System menu, but I can’t figure out which app I should reinstall to have it back.
Viber (or other app) doesn’t work after reboot
Lenovo by default disables auto starting of the apps so Viber won’t start the next time the phone is rebooted and as a result no messages or calls are received. To enable it, go to System Menu, Apps, Viber, Permission Management, and enable Auto-start.
Comments? Please let me know!