Bought a new Dream Quest Pro from Amazon and didn't see your video before I purchased it. But, fortunately, I saw this video while the new PC was in transit to my home. So, I was getting prepared to check it for any malware first. And, guess what? I found the same thing on mine. Microsoft Defender caught it deleted and blocked it. After that I downloaded (from Microsoft) the latest version of Windows 11 and did a complete install from usb drive. Thank you Net Guy for your informative video!! I am also warning everyone about this serious (84% of pc's tested last year by Microsoft were found to contain this Malware) risk to consumers.
It appears you are in that Lucky 16% that aren't infected. Keep updating and scanning to be sure before putting any sensitive information on it. @@silverlanswoodworking
I was considering the same PC too when Amazon had a massive discount on it. It was a crazy sale and there was something like $100 off coupon in addition to that. Though the first thing I would have done if I had purchased it is nuke the drive and install a clean copy. I'd never trust an OS install from a lesser known vendor.
There was another PC from them that came with Google Chrome already on it and if you uninstalled it would just reinstall itself. I think they know about the malware because I can't see 2-3 pcs from the same brand having these issues.
Greedings from Gamers Nexus video! Good job on this video! Thank you for this! Not helping me at all, as I never buy any of these products anyway (I only ever have, or had, self-built full system desktops), but still very important to spread the message.
Definitely imho, if a company "knows" there's systems that have been compromised, and didn't do anything about it, like notifying their customers, the are a crap list and should be avoided in the future. This just shows they were just after the income, not the customers loyalty for repeat purchases It also brings into question "how long" did they know about this issue?? Could they have been the ones who compromised the systems? Are they getting a kick back, or the primary, end point to the scams?? And many other questions Thanks for the heads up on this brand. It's a shame that a brand that used to be good could turn into such trash
TomsHardware sent me here and I am glad they did as this video is a wake up call to those of us looking to buy cheapo mini PCs for prices too good to be true!
Just found you from Steve, over at Gamers Nexus. Always good to see folks looking out for consumers. Subbed, and I will be going through you previous vids. Have a great day, Sir! o7
There is a similar issue with cheap TV Streaming boxes and routers.. They have also been found to have malicious back door software from the oem. Anything with a Microcontroller is capable of running malicious code.. It's at this point you should be asking WHY does your Fridge/Kettle/Washer/Dryer even need an MC and Internet connection in the first place?
Answer: Because many people have their fridges set up to where when they finish using X and Y, they can automatically order replacements for their used products from the local grocery store and have them delivered.
@@lander1591No, tells you I am educated on this subject and have literally had these 'warnings' pop up on my own personal computer only to find out.... THEY ARE FALSIFIED! 🎵 Microsoft got called on this nearly 10 years ago by various security researchers even from their own company.
The company saying "The problem has been fixed," is absolutely meaningless without answering the bigger question of "Why was it there in the first place?"
The company did explain it back in October. They were buying batches of components from a 2nd party distributor and found they were bad. They cut ties with them and sued for damages. They contacted Amazon and another reseller requesting certain model SSNs returned. Some bad ones got through. I've run several different scans with different programs on the one I just got and all come out clean.
@@AnubisReviews That was a cop out by them and didn't answer the question. They tried to put the blame on another company and remove accountability from themselves. It doesn't answer the question why they didn't make sure their product was working properly (Didn't have viruses) before shipping. It is THEIR name on the product and it is now their business that has been tarnished because they didn't make sure their product was safe. They should have been the ones to notice there were viruses before a single computer made it out of their business.
@ejtaylor73 you DO realize that the ONLY way to find the virus is to activate it right? The virus is literally hidden as an exe file inside of Windows recovery which means it only becomes active after you factory reset the PC and log into an account to save a password. If you have Norton, TotalAV or Bitdefender installed first before even setting up accounts then it is caught and quarantined instantly. You can then run programs to delete it. This is the exact same thing that car manufacturers, appliance manufacturers and even construction workers deal with but you act as if PC companies are the exception and need to be 100% perfect out of the box and can't have a single complaint. Auto manufacturers will literally recall 100,000 cars because the airbags will randomly deploy killing people and you will say the company did the right thing. This company says they partnered with another company that provided them m.2 with pre-installed windows and later found out that 1% were infected and you throw a fit saying they should've known and tested them all first. You throw all this shade at a PC company who actively has done what they could to fix any issues including buying back infected PCs that were past the 30 day mark.
Though i'm a linux user i am not going to preach for you to switch to linux just yet, but there is a use for linux in this case. Booting up from a live usb to check out the system data to see what is on your pc, like actually on it. Going through the "super hidden files" on windows but also the hidden recovery partitions and and other potential surprises. Then when you find something suspicious you just wipe everything. Going full Richard Stallman here for a second, but closed source software (even operating systems) are not the way forward if you value security. At times, usability and security are on the opposite ends of a spectrum of system configuration.
I agree, but do you trust the EFI/BIOS or stuff in the management engine? I still have some heebie jeebies even though I'd put a customized Slackware on anything I bring in.
@@christopheroliver148 With current BIOS/UEFI sizes approaching 16-32 MB storage it won't be long until such malware is integrated into UEFI at manufacturing time by more "common" folk. Usual UEFI can read NTFS already, when alone it can talk to the network. While it is known Intel ME can silently use host's networking card, it may be yet a hurdle to seamless usage.
The OEM file folder would be something done by a factory install and produced en masse. Linus found this to be the case with MANY Amazon Chinese machines. From Android boxes to Mini PCs and embedded in firmware.
@@snakeplissken8887 how do you know its embedded? I ran a scan before nuking it and it clearly showed the malware. Nuked it and even used a new SSD, installed windows fresh and scanned it again, no more malware detected.
This seems to be a recurring theme for Acemagic. I saw video last year where a reviewer had received one of their mini PCs with viruses on it from the factory.
!! WARNING --- I can confirm that certain ACEMAGIC mini PC's are infected with malware, spyware and browser hijacking virus or whatever you want to call them. I bought one....FROM AMAZON. Had it sitting on my home network for almost a week before I discovered what was going on. In my case there was pre installed Google Chrome. I reinstalled the OS from the OEM AND boom it reinstalled the malware, spyware and browser hijacker.......WARNING!!!
this is why when it comes to pre-built computers like this. i do a full wipe of the SSD for a fresh copy of windows. this way i'm not getting all the bloatware or other possible build in crap. never use the copy of windows that comes with the build in.
Not a bad idea. Even for well known and established brands like Dell, HP, Lenovo, MSI, etc. that probably won’t have malware pre-installed, you just don’t have to deal with the OEM bloatware. And you may or may not know about the trick to select the language “English (World)” instead of “English (insert country)” because it doesn’t install Windows bloatware like Candy Crush. That way, you get no OEM or Windows bloat. Saves a decent amount of disk space too.
@@icecreamjunkie6790 Unless you are the late 1990s and you try to install the original release of Pacific General and if you don't have your regional settings as English USA you can't make the game run. OK that's one case, but just saying. :)
Sorry but the in my opinion the problem with Amazon is that the almighty buck comes before the customer. Louis Rosssmann did a video about a month ago regarding a brand of automative blad fuses that took 10 Amp before the 2A fuse blew. He also showed wire butt splicers that came apart when the wires were lightly pulled apart. Even after contacting Amazon customer service with this video proof the products continued to be sold on Amazon. The same goes for fake USB flash drives. Even when Amazon is made aware of the item being suspect they allow the item to be sold.
News organizations have also reported about dangerous flammable clothing being sold on Amazon as legitimate when, on arrival it wasn't. Googling the issue nowadays would appear they still have this issue, just with a worse search engine.
Another problem with Amazon and Ali-express etc is they make money from sales. If they shut down a shady reseller they either a) loose commissions or b) the reseller just gets another free email and another bank account and name and starts again c) Ebay has this problem with sellers 20 years ago
@@t.wadegonder1288 The bad fuses could be under the jurisdiction of either the CPSC or the NHTSA. And in this case the jurisdiction might overlap because these fuses are often used in non-automotive applications too.
Rule #1, always wipe a system you get from any SI, and install windows fresh (not online). If you do anything but what i just said, you do not practise "safe computing". Also, bypassing the windows 11 'online' installation, is a registry setting within the wim. The fact that there's malware on the system, the company is 100% aware of it and is also the reason the cost is so cheap (because they want unsuspecting tech-inept people to buy it)
@@TheNetGuy I know you probably do this but hey, making lemonade, this made a great video and content for folks. The only devices I have bought where I didn't wipe from start were my Surface products, but even my old Lenovo Helix had some "malware" along with all the bloatware on the image. What's fun are the new ones embedding the garbage in the BIOS (looking at you ASUS).
Not enough, these computer can be easily shipped with bios malware, one that can install rootkits evertime you change the hard drive. The solution is not to even buy computer from a chinese manufacturer unless it's lenovo, because they're always shady.
1) Always delete preinstalled partitions and re-install the OS. Other than malware, most people do not need pre-installed trial and useless bloat software. 2) Port 17044? Install a hardware firewall for your network, and only allow specific ports such as 53, 80, 443 etc that you recognize. pfSense CE is free and very capable.
I tend to wipe and clean install as a master of course as well, mostly to remove bloatware. Glad I do this as I've used a few of these and cheaper units. Though I'm usually using Linux anyway, and have bought barebone units a few times. Mostly when they became a better/cheaper option than RPi during the pandemic for projects.
@@cosmefulanito5933 I'm not sure what you mean. If it was pre-installed with Linux, it could still have malware. I fresh install router boxes even if they already have OPNsense on them.
Once you find a virus in the system files, especially in the recovery area. Thats malicious intent. To enact a save plan for the virus? Thats even worst. Glad you got the Windows prompt and did your hiuse cleaning in a hurry.
isnt this a brand that ETA Prime shilled for on the regular? i had to stop watching and subbing to his stuff, all he seems to do now is shill for these makers now and make money with affiliate codes.
I can make between $10-15 on every mini PC I move on Amazon. More on TikTok. I gave up a lot to get this message out. Hopefully someone shares with him. 👍
@@TheNetGuy im glad you have scruples as well as you're not just using your channel as a payout. His stuff a couple of years ago was a lot more dealing with tutorials and comparisons (or running an external GPU on a SBC with an adapter etc) and now its all just ' is the most amazing MiniPC to the market' or that but an Android handheld. His is mostly stuff off of AliExpress, including one thing he posted that sold out in minutes (i clicked on his link within 20 mins of it being posted and the link was dead, was a Ryzen SBC). Im wondering how many RUclips rules hes skirting because these seem more like endorsements vs actual reviews on his channel
To be fair, he probably didn’t get the “bad batch” and is know for showcasing that kind of hardware. He also might not have a good grasp of cybersecurity too… you wouldn’t ask your grandma to write a hello world c++ tutorial. ETA Prime is just a good dad with chonky hands and a successful channel. You don’t have to watch his videos but your should still remain objectively fair about his situation. 😅
@@Crux161 the cyber security wasnt my point. My point was him rubber stamp reviewing products and brands like this, and they're either all the same, or he avoids pointing out any short comings or issues with them. ie hes not reviewing hes advertising.
@@DaiAtlus79 I am no fan of ETA prime, though out of curiosity I do watch his videos. Things that piss me off is asking questions to the viewers which he clearly never check the replies, never comments, etc. Anyway, easy solutions for you. One, stop watching his videos if they annoy you so much. Two, make it a drinking game. Every time he mentions how this current product is amazing or the best, have a shot of your favorite drink. By the end of the video you will not care what he said about the product or any shortcomings.
Erm, Windows 11 doesn’t prevent you from setting up with a local account, it just makes it harder. It doesn’t need software hacks to do and there’s an official configuration switch to allow corporate builds to do this explicitly.
@@funnyberries4017 They can yes, They boot before the kennel. Can't remember the name but there was a major on that hit boot image last year, which loads 1st. if you got hit by it then you would need a new mobo.
Lenovo pulled some stupid crap with their laptops and desktops a few years ago. Their bundleware reinstalled on every reboot, from the UEFI firmware. At least it was fixable by removing the massive restore partition they had (40GB, if I remember correctly), but the firmware is still suspicious. A local computer shop had them because they came with Windows pre-installed to save time, but they ended up being more work than just building an SFF PC from scratch.
@@funnyberries4017 linux is not solution to avoid these spyware. When it become popular, it will become targeted too. Even linux have own old decades spyware is not detected until recently, is more worst than windows. The community have plan to ditch sudo su since is already not secure anymore.
Thank you so much for posting this. I literally had this computer delivered and in a box in my house.If you hadn't made this vid it would be on my network right now! I've returned it unopened.
@@post-leftluddite Windows licenses are tied to the hardware nowadays. As long the pc has been activated through Microsoft servers, it will activate on new installs during the first connection to the internet.
@@ghostfreckle I bought a cheap mini-PC; it was pre-activated with what appears to be a stolen MAK or MSDN key. There's no OA3.0 and a stolen license can get revoked.
I am a bit confused. Is practicing safe computing having in a live network all your machines including storage of a "lifetime" of data? I am not sure about that. At the very least have your storage offline. Edit: Spelling, plus, I don't use Windows 11, but I am pretty sure you don't need to install anything weird to make Windows 11 proceed without requiring an online MS account.
8:41 What if the drive you scanned has malware that is encrypted and only unencrypted once the installed OS is running? That would require an airgapped system.
There is no "clean" after a "forensic scan", only "no malware found". FFS, the only OS you should be using is from official install media of your OS of choice.
Interesting info. I recently picked up 2 Beelink mini PC's. Due to not wanting to even boot up the provided windows 11, I installed Windows 10 on one of them using an installer from Microsoft. The other one is a Linux only machine. Glad I never booted the provided Windows. I may have dodged the bullet. Thanks for the heads up.
And don’t forget, MFA everything! Doesn’t stop all issues, but make it as difficult as possible on an attacker to get in, or at least buy you some time to change passwords!
@@morgenanspyrys You know what is Impractical? Paying a company a monthly fee to keep a list of all those different passwords when a notepad and pencil are only a dollar.
At work, we only buy PCs from US manufacturers. Hard, I know. HP will assemble business class machines in the US, but the internals are often China. The first thing we do is wipe them and perform a clean install with MS certified drivers. My personal machines are either used workstation class machines from US companies or I build them myself (assembled in the US). The same wipe occurs, but I can be more selective with drivers.
But what if the China made microchips have backdoors? Cheap mini PC's is a perfect way to get behind the protection of the firewall in order to spy and do other evil stuff. My Spidey senses are tingling here.
I had another model of acemagic mini pc arrive Monday and I'm glad to have found this video. Mine has the same weird osver folder and executables. I'll be installing linux on it and checking before I buy something like this again.
Another RUclipsr, Britec09, reviewed this same product and found all the same malware and virus's you found. I'm so happy you guys are here to put the word out. Thanks.
And everyone i know says im crazy because the first thing I do to any new (brand or new-to-me) computer I get is immediately wipe the drive and reinstall windows and find all the drivers.
That's not crazy. I do it as well. That said, it's because I usually install Linux 😂 But I have been known to do clean Windows installs as a rule for some of the PCs at work, and definitely for my extended family.
Great video and PSA! One other thing I would add is that MFA won’t always save you in cases of such sinister malware because they can steal the session token (that you’re already signed into). Thanks for bringing this to light; nobody should ever think their brand new PC might be pre-installed with malware.
@@TheNetGuy Yup, that's what it was. Unfortunately, as the good guys get smarter, the bad guys do too. Very glad you're spreading the word about this as many would never (and shouldn't have to ever) expect this to happen.
The absolute incompetence of this company. Regardless of which stage of production this was added and how, this cannot be excused with a simple half assed apology. That's a real shame given that it seems by reviews that the PC itself is a decent and capable little thing. If this was the result of shady windows acquisition, just goes to show why a prebuilt company should just suck it up and buy the actual thing or just ship it without an OS. End users can go ahead and take this kind of risk if they want but a company should never do this.
Good call on telling Amazon to issue a warning like for E.Coli or something...that is exactly what should happen. Thanks for the in depth information and ways to avoid this situation.
I bought a PC from another NUC style PC manufacturer. I powered it up to see what was on it. I did not enter any login details that I needed to keep secret, and ran a few benchmarks. I can't remember the results, and didn't take a note, but the machine would have made a suprisingly good, if fairly low end, game machine. However, before I did anything serious on it, I nuked the Windows install, replacing it with Proxmox. It now has a couple of Windows Server VMs, a couple of Windows client vms, and a few different linux ones.. None of the VMs have any important data on them. I use them purely to experiment.
I wouldn't even trust this device after reinstalling. Considering the likes of ASUS can install rootkits directly on your device via UEFI, I wouldn't be suprised if AceMagic could do the same
Amen bro, I use Norton 360 Gaming one, Fantastic, Got everything you need on it, And it is well worth the price, For gamers Norton is better though it really do drop a few extra FPS in your gaming... I really do have hate for a person who steals next persons money ect, By hacking a PC, It is like Burglary to me, I been burgled years ago and lost a 3 grand music studio and 5 years worth of Hip Hop production, Also the tramps stole my washing machine, Can you believe that one, Cleaned me right out literally, I have had a fair few times in my life when lets just say I was hurt, But coming home to see my front door open and my flat taken, Was the worst gut punch I ever felt, A week later I was jumped by someone who had a house brick in his hand from the back at night, Wack to the back of my head and the tramp managed to get my Sony Viao, The law don't do anything to these violent people, Even when caught, There was one kid with over 30 burglary charges and still waling the streets at the time, And because the punishment is nothing when people do get caught more and more people will just think, Well I can get away with stealing from another person so why not, The punishment for theft, Or lack of punishment is the reason people will carry on regardless, Stealing that is, It is one of the worst pet hates I have, I was at rock bottom with drug addiction and still never went out stealing from peoples cars, A few people used to ask me if I was going out to raise they used to call it, I always said nor man, I wouldn't like it if someone stole off me so I always said not for me, Even if people hated me and called me what ever, Stealing form someone is a really low move, I won't even shop lift, I feel that some bad karma will come your way if you keep stealing form people, I really do believe if you do good by other people who is weaker than yourself, And look after Nature, Then good Karma will come your way, God will see good things come your way, I do believe you do bad to people and bad will happen to you.... I remember I said to someone who does Pre built gaming PC's on You Tube about the benefits of building or putting your own PC together, It is not hard to do, When you got plenty of step by step vids on You Tube, If you can put a Kitchen together or you do a sophisticated job, Then you will be able to put a PC together, Get someone to show you, I wonder if there is any companies out there who would send a person out to put the PC together for someone, A mobile PC man who will show you step by step on how to put a PC together, Top idea that is, Then people can teach their kids when they know, Education should be free at point of use, An Educated society is far more constructive and refined lol, It makes sense to have a society that is highly educated yeah, It is why I loves You Tube so much, You find the right person doing the video and you can learn nearly anything, lol.... Build your own PC, It will make you feel so much better looking back and thinking Damn I put that together, While saving a ton of money, Just like the BBS02 E-bike motor I fitted to my Mountain bike, Creating my own E-bike, Again thanks to You Tube I learned as well while I was fitting the motor, lol, But yeah Spy ware on a PC you buy isn't a good move.....
The worst part about them using shadey Windows keys, I want to put Linux on it anyway. Just sell it with a good Linux distro, with permission. I bet liscensing Ubuntu costs less than those scam Windows keys. Not to mention all the linux distros that'd let you do it for free. If people want Windows, they can buy a premium mini-PC that's $100 more. But this malware shit really ruins the whole market for me. Now I don't trust any of the lesser known names Who's to say they will only put malware on the drive, they could absolutely inject malware into the bios. Then even if I replace it with Linux I'd still be keylogged.
Great video!! I’ve always been wary of using my personal credentials on used or little known brand devices. First thing I do when buying used computers is wipe it completely and clean install. I even do that with the routers ISPs provide. The times I’ve switched providers, I’ve asked if they will give me full admin access to the provided router, otherwise it’s a deal breaker (some ISPs don’t allow you to use your own router).
External passkey QR codes and hardware keys can mitigate all these password stealing problems. I wish they try to adopt WebAuthn faster than this. All passwords should be completely gone before 2030. Yes, included ones in the router.
Bmax? Disappointing in the sense that they are a relative Name Brand that's been around for a few years now. Never owned one, but they aren't a pop up that just appeared like these current mini PC players. I have a couple of pretty old Beelinks. One of which I just put ChromeFlex OS. Both served me well in their day with Windows 10. BeeLink has been around for much longer than Bmax. If I was to get into the mini PC game again, it would be my go to brand. I hope they don't get caught up in this.
Thats, why i purchase laptops or machines with no OS´s preinstalled....Or i wipe them before using. Still thinking to buy an acemagic, and repartition the drive before using it.
Would nuking windows and installing linux fix this? I have a Beelink minipc (not the same, but not a top tier brand), and I installed linux as dual boot, but actually haven't touched the windows side in a few months. Assuming I have new passwords, should I be safe?
I don't even let windows boot. I take the drive, put it away, put in a new drive and install linux. I am happy without a Microsoft account, password mangler, and all the other terrible things that come with modern windoze versions. I saw how a friend setup a new windose pc a few years ago and it was revolting on what Microsoft does these days. I'll agree that windows defender is actuator reputable.
why because mini pc has now become more durable faster cheaper than most of well known brands. well paid actors. Maybe its very good to use your head on business and think outside of the box (pc)
This is why I don't save my passwords in any kind of password manager. My passwords and recovery keys are in an encrypted text file on multiple USB drives that are also encrypted. Only my computers with my Microsoft account linked to them can access the contents of those drives. I have a recovery certificate wizard in place if I somehow lose access to any of the drives and the recovery key for that is elsewhere. I'll never save my sensitive data on any of those websites or apps that promise to securely manage your logins, I can't trust that shit.
@@blazer511 I wond up downloading Intels entire nic driver zip but in device manager the device was I1225-v and windows update and minis forum own drivers said the same but the driver that works was for i1226-v. Could be an Intel issue but even their DAC software was downloading the former driver Came off sketchy and I was a little sketched out because I had the ace magician machine first and chrome was doing wierd things like using a significant amount of cpu for no reason. So I thought I un-installed it (it was a headless server) and I thought it came back. This is why I replaced it and did a clean install of windows off the bat. Crazy couple weeks
Prebuilt machines like mini pc's, dells, lenovo, and the like pretty much always come with malware or undesirable "bonus" software that might as well be malware. First thing I do is repartition the drive and install some kind of linux. Unless it's my new windows machine, which I only need one of at a time or I'm setting it up for a friend. In that case, I still use a linux install usb but only to wipe/repartition the drive since fdisk gives you a good amount of control over the repartitioning. Then I swap it out for a windows install usb, select "no" on the ten thousand requests for enabling various types of telemetry, set up a local account, and install a suitable browser.
Been through that when I bought a laptop to compliment my self built desktop. The laptop came with a bunch of pre-installed software, all of which was legitimate but either a 30-day trial, after which I had to pay, or was a subscription based "portal" to (browser based) games or suchlike. After digging around on the net I found that certain companies are paying the laptop manufacturers to install this crap, which they're happy to do because it allows them to sell their products at a lower and more attractive price, while the software people get their money back from the mugs who are fooled into thinking they must have the pre-installed garbage and pay for it. There used to be a program called "PC-Decrapifier" (no longer in development) which did a great job of removing this junk when installed after first run, and I'm not sure if there's anything else like it now.
Convenience is never worth the risk, and using a factory windows installation is the dumbest thing i can imagine someone who is not tech illiterate to do (if you plan to use it long term). I get it if my grandma uses it, but people like you have no excuse.
This is worrying. Personally I never buy from Amazon, I don't trust them. I have always built my own PC's to avoid this very issue and more, knowing that my PC is spec'd with high quality components and no proprietary garbage ( cough HP, Dell ) gives me a peace of mind. I still have to be very vigilant with software.
All bad advise assuming hardware and bios root of trust when in fact there is none. A lot can happen before anything on the hardrive boots and you can't really trust the memory mapper or microcode or CPU at that point. The best way to secure it is to throw it in the trash.
The manufacturers use a 3rd party to create the image for their machines. It is easy for someone working for the 3rd party company to slip something in. It is even possible for the company to have a bad actor in the company replace the image. I now am worried about the 100 dollar mini PC I bought to use but have not used it very often.
@@phillysupra Am thinking about the mini PCs my work's buys for demo kits. I believe those only have soldered eMMC for boot drive and no SATA or PCIe ports. Good idea about Windows though as there are a multitude of scanners available, but can it be installed to a USB stick ? ( or could it be forced onto a USB stick?)
@@BobBeatski71 windows recommends a usb drive for its OS install. You'd have to boot into the bios to change the boot order if you want to install clean. I've kept a copy of windows since win95. Also, I've rebuilt my personal pc at least 3 times already with all new hardware and have used the same windows key each time. No need to pay 150 bux each install.
@@phillysupra I'm thinking more along the lines of installing Windows onto a USB stick and boot from that so that I can scan the mini PC internal storage.
FYI the malware is just a part of these computers. They have open access chips on the boards that give ccp access to the computers scary part these chips are placed under other chips.
"Dealing with false virus reports". This is how this manufacturer has chosen to deal with this issue, calling reports like this false, and then releasing clean files to overwrite the infected ones, effectively brushing it all under the carpet. Check out this blatant attempt to discredit these reports on the acemagic drivers download page.
I just wish creators could stop the secondary camera angle trend, it's just awkward and steal focus from the content. Here's there are even two off cameras. Cringe.
Bought a new Dream Quest Pro from Amazon and didn't see your video before I purchased it. But, fortunately, I saw this video while the new PC was in transit to my home. So, I was getting prepared to check it for any malware first. And, guess what? I found the same thing on mine. Microsoft Defender caught it deleted and blocked it. After that I downloaded (from Microsoft) the latest version of Windows 11 and did a complete install from usb drive. Thank you Net Guy for your informative video!! I am also warning everyone about this serious (84% of pc's tested last year by Microsoft were found to contain this Malware) risk to consumers.
weird i have dream quest pro and i didnt see any malware what did you use to scan cause defender is saying im clean.
It appears you are in that Lucky 16% that aren't infected. Keep updating and scanning to be sure before putting any sensitive information on it.
@@silverlanswoodworking
Me too on the Dreamquest.....
@@WindsofChange clean or Virus?
@@silverlanswoodworking Same malware as all these other computers....the Endev files. Chrome pre installed.
This was fantastic. Thanks for doing all that digging. I was offered this exact PC multiple times, and I'm really glad I passed on it.
🙏 coming from you this makes me smile. Love your work and your channel. Thanks for the kind words.
@@TheNetGuy man I’m just glad I wasn’t the one having to deal with it. I would’ve been screwed haha
I was considering the same PC too when Amazon had a massive discount on it. It was a crazy sale and there was something like $100 off coupon in addition to that. Though the first thing I would have done if I had purchased it is nuke the drive and install a clean copy. I'd never trust an OS install from a lesser known vendor.
There was another PC from them that came with Google Chrome already on it and if you uninstalled it would just reinstall itself. I think they know about the malware because I can't see 2-3 pcs from the same brand having these issues.
All of my infected ones had chrome preinstalled...at least in this go round....that is one of the tells that the machine is infected.
Greedings from Gamers Nexus video! Good job on this video! Thank you for this!
Not helping me at all, as I never buy any of these products anyway (I only ever have, or had, self-built full system desktops), but still very important to spread the message.
Definitely imho, if a company "knows" there's systems that have been compromised, and didn't do anything about it, like notifying their customers, the are a crap list and should be avoided in the future. This just shows they were just after the income, not the customers loyalty for repeat purchases
It also brings into question "how long" did they know about this issue?? Could they have been the ones who compromised the systems? Are they getting a kick back, or the primary, end point to the scams?? And many other questions
Thanks for the heads up on this brand. It's a shame that a brand that used to be good could turn into such trash
TomsHardware sent me here and I am glad they did as this video is a wake up call to those of us looking to buy cheapo mini PCs for prices too good to be true!
Awesome, thank you!
You can buy them, but make sure you wipe them completely before use.
Thats exactly why you make a clean install of your os and don't trust whats already on there...
I gotta ask.
If they're gonna use greymarket keys why don't they just skip that and use something like MASSGRAVE ?
Just found you from Steve, over at Gamers Nexus. Always good to see folks looking out for consumers. Subbed, and I will be going through you previous vids.
Have a great day, Sir! o7
Thank you for the kind words and the sub! Big fan!
There is a similar issue with cheap TV Streaming boxes and routers.. They have also been found to have malicious back door software from the oem. Anything with a Microcontroller is capable of running malicious code.. It's at this point you should be asking WHY does your Fridge/Kettle/Washer/Dryer even need an MC and Internet connection in the first place?
Bingo!
Answer: Because many people have their fridges set up to where when they finish using X and Y, they can automatically order replacements for their used products from the local grocery store and have them delivered.
@@christopherkidwell9817 Tell me you work for the Establishment without telling me you work for the Establishment...
@@lander1591No, tells you I am educated on this subject and have literally had these 'warnings' pop up on my own personal computer only to find out.... THEY ARE FALSIFIED! 🎵
Microsoft got called on this nearly 10 years ago by various security researchers even from their own company.
@@christopherkidwell9817 Juts open the bloody fridge.... and see the mould!
The company saying "The problem has been fixed," is absolutely meaningless without answering the bigger question of "Why was it there in the first place?"
Truth!!
The company did explain it back in October. They were buying batches of components from a 2nd party distributor and found they were bad. They cut ties with them and sued for damages. They contacted Amazon and another reseller requesting certain model SSNs returned. Some bad ones got through. I've run several different scans with different programs on the one I just got and all come out clean.
@@AnubisReviews That was a cop out by them and didn't answer the question. They tried to put the blame on another company and remove accountability from themselves. It doesn't answer the question why they didn't make sure their product was working properly (Didn't have viruses) before shipping. It is THEIR name on the product and it is now their business that has been tarnished because they didn't make sure their product was safe. They should have been the ones to notice there were viruses before a single computer made it out of their business.
@ejtaylor73 you DO realize that the ONLY way to find the virus is to activate it right? The virus is literally hidden as an exe file inside of Windows recovery which means it only becomes active after you factory reset the PC and log into an account to save a password. If you have Norton, TotalAV or Bitdefender installed first before even setting up accounts then it is caught and quarantined instantly. You can then run programs to delete it. This is the exact same thing that car manufacturers, appliance manufacturers and even construction workers deal with but you act as if PC companies are the exception and need to be 100% perfect out of the box and can't have a single complaint. Auto manufacturers will literally recall 100,000 cars because the airbags will randomly deploy killing people and you will say the company did the right thing. This company says they partnered with another company that provided them m.2 with pre-installed windows and later found out that 1% were infected and you throw a fit saying they should've known and tested them all first. You throw all this shade at a PC company who actively has done what they could to fix any issues including buying back infected PCs that were past the 30 day mark.
@@AnubisReviewsSource for Octaober claim?
Though i'm a linux user i am not going to preach for you to switch to linux just yet, but there is a use for linux in this case. Booting up from a live usb to check out the system data to see what is on your pc, like actually on it. Going through the "super hidden files" on windows but also the hidden recovery partitions and and other potential surprises. Then when you find something suspicious you just wipe everything. Going full Richard Stallman here for a second, but closed source software (even operating systems) are not the way forward if you value security. At times, usability and security are on the opposite ends of a spectrum of system configuration.
I agree, but do you trust the EFI/BIOS or stuff in the management engine? I still have some heebie jeebies even though I'd put a customized Slackware on anything I bring in.
@@christopheroliver148 With current BIOS/UEFI sizes approaching 16-32 MB storage it won't be long until such malware is integrated into UEFI at manufacturing time by more "common" folk. Usual UEFI can read NTFS already, when alone it can talk to the network. While it is known Intel ME can silently use host's networking card, it may be yet a hurdle to seamless usage.
I have the kamrui am06 pro and found the Spyware, time to change all my passwords and nuke the OS i guess. New subscriber!
I’m sorry. That sucks so bad. Grrrr this company. They want me to take my video down but clearly it’s helping people still.
@TheNetGuy whether it's helping or not why take it down at all?
Won't help to nuke all software if it's embedded in firmware, it will just replicate on a fresh install
The OEM file folder would be something done by a factory install and produced en masse. Linus found this to be the case with MANY Amazon Chinese machines. From Android boxes to Mini PCs and embedded in firmware.
@@snakeplissken8887 how do you know its embedded? I ran a scan before nuking it and it clearly showed the malware. Nuked it and even used a new SSD, installed windows fresh and scanned it again, no more malware detected.
This seems to be a recurring theme for Acemagic. I saw video last year where a reviewer had received one of their mini PCs with viruses on it from the factory.
That's a scary thought :(
!! WARNING --- I can confirm that certain ACEMAGIC mini PC's are infected with malware, spyware and browser hijacking virus or whatever you want to call them. I bought one....FROM AMAZON. Had it sitting on my home network for almost a week before I discovered what was going on. In my case there was pre installed Google Chrome. I reinstalled the OS from the OEM AND boom it reinstalled the malware, spyware and browser hijacker.......WARNING!!!
this is why when it comes to pre-built computers like this. i do a full wipe of the SSD for a fresh copy of windows. this way i'm not getting all the bloatware or other possible build in crap. never use the copy of windows that comes with the build in.
Not a bad idea. Even for well known and established brands like Dell, HP, Lenovo, MSI, etc. that probably won’t have malware pre-installed, you just don’t have to deal with the OEM bloatware. And you may or may not know about the trick to select the language “English (World)” instead of “English (insert country)” because it doesn’t install Windows bloatware like Candy Crush. That way, you get no OEM or Windows bloat. Saves a decent amount of disk space too.
@@icecreamjunkie6790 Unless you are the late 1990s and you try to install the original release of Pacific General and if you don't have your regional settings as English USA you can't make the game run. OK that's one case, but just saying. :)
Sorry but the in my opinion the problem with Amazon is that the almighty buck comes before the customer. Louis Rosssmann did a video about a month ago regarding a brand of automative blad fuses that took 10 Amp before the 2A fuse blew. He also showed wire butt splicers that came apart when the wires were lightly pulled apart. Even after contacting Amazon customer service with this video proof the products continued to be sold on Amazon. The same goes for fake USB flash drives. Even when Amazon is made aware of the item being suspect they allow the item to be sold.
Excellent points Greg 👍
News organizations have also reported about dangerous flammable clothing being sold on Amazon as legitimate when, on arrival it wasn't. Googling the issue nowadays would appear they still have this issue, just with a worse search engine.
Another problem with Amazon and Ali-express etc is they make money from sales.
If they shut down a shady reseller they either
a) loose commissions or
b) the reseller just gets another free email and another bank account and name and starts again
c) Ebay has this problem with sellers 20 years ago
It's time the FTC and some big class action lawsuits stepped in to teach Amazon how to be a responsible vendor.
@@t.wadegonder1288 The bad fuses could be under the jurisdiction of either the CPSC or the NHTSA.
And in this case the jurisdiction might overlap because these fuses are often used in non-automotive applications too.
Rule #1, always wipe a system you get from any SI, and install windows fresh (not online). If you do anything but what i just said, you do not practise "safe computing". Also, bypassing the windows 11 'online' installation, is a registry setting within the wim. The fact that there's malware on the system, the company is 100% aware of it and is also the reason the cost is so cheap (because they want unsuspecting tech-inept people to buy it)
Thoughtful 🤔
@@TheNetGuy I know you probably do this but hey, making lemonade, this made a great video and content for folks.
The only devices I have bought where I didn't wipe from start were my Surface products, but even my old Lenovo Helix had some "malware" along with all the bloatware on the image.
What's fun are the new ones embedding the garbage in the BIOS (looking at you ASUS).
best way to install windows is directly downloading the ISO and use rufus on a USB. The "installer" NEVER WORKED FOR ME
Rule #1, avoid Windows.
If you store your personal information on Windows, you do not practice "safe computing"
Not enough, these computer can be easily shipped with bios malware, one that can install rootkits evertime you change the hard drive. The solution is not to even buy computer from a chinese manufacturer unless it's lenovo, because they're always shady.
Definitely makes me much more cautious about mini PCs going forward for sure!
1) Always delete preinstalled partitions and re-install the OS. Other than malware, most people do not need pre-installed trial and useless bloat software.
2) Port 17044? Install a hardware firewall for your network, and only allow specific ports such as 53, 80, 443 etc that you recognize. pfSense CE is free and very capable.
I got one of these for free that had a 5800U and its Vega 8 iGPU. Naturally, I wiped the drive entirely clean and installed ChimeraOS.
I tend to wipe and clean install as a master of course as well, mostly to remove bloatware.
Glad I do this as I've used a few of these and cheaper units. Though I'm usually using Linux anyway, and have bought barebone units a few times. Mostly when they became a better/cheaper option than RPi during the pandemic for projects.
Or just use a real OS and not a toy one.
@@cosmefulanito5933 I'm not sure what you mean. If it was pre-installed with Linux, it could still have malware.
I fresh install router boxes even if they already have OPNsense on them.
@cosmefulanito5933 those don't exist
Once you find a virus in the system files, especially in the recovery area. Thats malicious intent. To enact a save plan for the virus? Thats even worst. Glad you got the Windows prompt and did your hiuse cleaning in a hurry.
I got a new "OUVIS GK3 Plus" mini pc yesterday and Redline spyware was also preinstalled in the C:\Windows\OSVer and C:\Recovery\OEM\OsVer\ folders.
Crap! Glad you found it!
Can I ask what you did to fix the issue?
@@declanheerey3776 I used Live Linux to wipe the whole drive with all recovery partitions and started from scratch.
isnt this a brand that ETA Prime shilled for on the regular? i had to stop watching and subbing to his stuff, all he seems to do now is shill for these makers now and make money with affiliate codes.
I can make between $10-15 on every mini PC I move on Amazon. More on TikTok. I gave up a lot to get this message out. Hopefully someone shares with him. 👍
@@TheNetGuy im glad you have scruples as well as you're not just using your channel as a payout. His stuff a couple of years ago was a lot more dealing with tutorials and comparisons (or running an external GPU on a SBC with an adapter etc) and now its all just ' is the most amazing MiniPC to the market' or that but an Android handheld. His is mostly stuff off of AliExpress, including one thing he posted that sold out in minutes (i clicked on his link within 20 mins of it being posted and the link was dead, was a Ryzen SBC). Im wondering how many RUclips rules hes skirting because these seem more like endorsements vs actual reviews on his channel
To be fair, he probably didn’t get the “bad batch” and is know for showcasing that kind of hardware. He also might not have a good grasp of cybersecurity too… you wouldn’t ask your grandma to write a hello world c++ tutorial. ETA Prime is just a good dad with chonky hands and a successful channel. You don’t have to watch his videos but your should still remain objectively fair about his situation. 😅
@@Crux161 the cyber security wasnt my point. My point was him rubber stamp reviewing products and brands like this, and they're either all the same, or he avoids pointing out any short comings or issues with them. ie hes not reviewing hes advertising.
@@DaiAtlus79 I am no fan of ETA prime, though out of curiosity I do watch his videos. Things that piss me off is asking questions to the viewers which he clearly never check the replies, never comments, etc. Anyway, easy solutions for you. One, stop watching his videos if they annoy you so much. Two, make it a drinking game. Every time he mentions how this current product is amazing or the best, have a shot of your favorite drink. By the end of the video you will not care what he said about the product or any shortcomings.
"copping a virus is a bad way to start a relationship"....LOL.
lulz indeed
Erm, Windows 11 doesn’t prevent you from setting up with a local account, it just makes it harder. It doesn’t need software hacks to do and there’s an official configuration switch to allow corporate builds to do this explicitly.
Viruses just don't come on the OS, look out for bios and physical chips too.
Can these affect you if you are running linux?
@@funnyberries4017 They can yes, They boot before the kennel. Can't remember the name but there was a major on that hit boot image last year, which loads 1st. if you got hit by it then you would need a new mobo.
Add the fact that a chip that is memory-wise big enough to hold a virus, could physically be so small you can't even see it with your bare eyes.
Lenovo pulled some stupid crap with their laptops and desktops a few years ago. Their bundleware reinstalled on every reboot, from the UEFI firmware.
At least it was fixable by removing the massive restore partition they had (40GB, if I remember correctly), but the firmware is still suspicious. A local computer shop had them because they came with Windows pre-installed to save time, but they ended up being more work than just building an SFF PC from scratch.
@@funnyberries4017 linux is not solution to avoid these spyware. When it become popular, it will become targeted too. Even linux have own old decades spyware is not detected until recently, is more worst than windows. The community have plan to ditch sudo su since is already not secure anymore.
Thank you so much for posting this. I literally had this computer delivered and in a box in my house.If you hadn't made this vid it would be on my network right now! I've returned it unopened.
i personally wouldn't care and would just have made a clean install of windows
My dad was considering buying a mini PC. My first comment to him was to plan on wiping it and reinstaling Windows.
wouldn't you lose your windows license?
@@post-leftluddite Windows licenses are tied to the hardware nowadays. As long the pc has been activated through Microsoft servers, it will activate on new installs during the first connection to the internet.
@@ghostfreckle and you can isolate it from the net to find the serial number in the control panel if it hasn't been registered, then wipe.
@@felderupyou can just use a program call showkeyplus to get the keys
@@ghostfreckle I bought a cheap mini-PC; it was pre-activated with what appears to be a stolen MAK or MSDN key. There's no OA3.0 and a stolen license can get revoked.
I am a bit confused. Is practicing safe computing having in a live network all your machines including storage of a "lifetime" of data? I am not sure about that. At the very least have your storage offline.
Edit: Spelling, plus, I don't use Windows 11, but I am pretty sure you don't need to install anything weird to make Windows 11 proceed without requiring an online MS account.
8:41 What if the drive you scanned has malware that is encrypted and only unencrypted once the installed OS is running? That would require an airgapped system.
Crap. Insightful.
There is no "clean" after a "forensic scan", only "no malware found". FFS, the only OS you should be using is from official install media of your OS of choice.
Interesting info. I recently picked up 2 Beelink mini PC's. Due to not wanting to even boot up the provided windows 11, I installed Windows 10 on one of them using an installer from Microsoft. The other one is a Linux only machine. Glad I never booted the provided Windows. I may have dodged the bullet. Thanks for the heads up.
how did you go about that? Just have a windows 10 USB in the port the moment you first turn it on?
That might mean that Maine Staffing Group could be in for a big surprise? They had me do the onboarding on a Beelink in their office.
And don’t forget, MFA everything! Doesn’t stop all issues, but make it as difficult as possible on an attacker to get in, or at least buy you some time to change passwords!
Best password manager: The piece of paper taped to the underside of my mousepad.
You better keep your coffee machine within view of your mousepad. And have your groceries delivered.
That sounds very impractical when for security reasons every service you use should have a different password?
@@morgenanspyrys You know what is Impractical? Paying a company a monthly fee to keep a list of all those different passwords when a notepad and pencil are only a dollar.
Is big brand really safe from malware? Who still remembers Lenovo SuperFish?
At work, we only buy PCs from US manufacturers. Hard, I know. HP will assemble business class machines in the US, but the internals are often China. The first thing we do is wipe them and perform a clean install with MS certified drivers.
My personal machines are either used workstation class machines from US companies or I build them myself (assembled in the US). The same wipe occurs, but I can be more selective with drivers.
But what if the China made microchips have backdoors? Cheap mini PC's is a perfect way to get behind the protection of the firewall in order to spy and do other evil stuff. My Spidey senses are tingling here.
I had another model of acemagic mini pc arrive Monday and I'm glad to have found this video. Mine has the same weird osver folder and executables. I'll be installing linux on it and checking before I buy something like this again.
Another RUclipsr, Britec09, reviewed this same product and found all the same malware and virus's you found. I'm so happy you guys are here to put the word out. Thanks.
I wipe my PC clean all the time and run Linux all the way or use a Macbook
Is this a Windows problem or is it enough to format the drive and install Linux? Cause this is what I would do.
Rule 1. Always install your Own OS on China hardware
And everyone i know says im crazy because the first thing I do to any new (brand or new-to-me) computer I get is immediately wipe the drive and reinstall windows and find all the drivers.
That's not crazy. I do it as well. That said, it's because I usually install Linux 😂 But I have been known to do clean Windows installs as a rule for some of the PCs at work, and definitely for my extended family.
Great video and PSA! One other thing I would add is that MFA won’t always save you in cases of such sinister malware because they can steal the session token (that you’re already signed into). Thanks for bringing this to light; nobody should ever think their brand new PC might be pre-installed with malware.
Very insightful! That’s how LTT was hacked if I remember right. Never even stole the password, just hopped right into the browser session 🤮
@@TheNetGuy Yup, that's what it was. Unfortunately, as the good guys get smarter, the bad guys do too. Very glad you're spreading the word about this as many would never (and shouldn't have to ever) expect this to happen.
"This MINI PC ships with SPYWARE!"
Yes. It's called "Microsoft Windows".
Why the HECK do you trust chrome and it’s overlord for your passwords?!
Mistakes were made
@@TheNetGuyindeed
请不要使用中国的电子产品,也不要下载使用中国的软件。因为他们会收集你的信息。
Here from GamersNexus coverage of this
Oh sweet I didn’t see it yet. Going to look.
The absolute incompetence of this company. Regardless of which stage of production this was added and how, this cannot be excused with a simple half assed apology. That's a real shame given that it seems by reviews that the PC itself is a decent and capable little thing.
If this was the result of shady windows acquisition, just goes to show why a prebuilt company should just suck it up and buy the actual thing or just ship it without an OS. End users can go ahead and take this kind of risk if they want but a company should never do this.
Yep, they are still selling illegal windows licenses on these machines. 🤦♂️
Good call on telling Amazon to issue a warning like for E.Coli or something...that is exactly what should happen. Thanks for the in depth information and ways to avoid this situation.
the problem is that this could open up a new can of worms, where the manufacturer also mishandles personal information on the machines they receive
I just got a PC from this manufacturer. No problems so far. Of course the first thing that I did was to wipe the drive and install Proxmox.
I bought a PC from another NUC style PC manufacturer. I powered it up to see what was on it. I did not enter any login details that I needed to keep secret, and ran a few benchmarks. I can't remember the results, and didn't take a note, but the machine would have made a suprisingly good, if fairly low end, game machine.
However, before I did anything serious on it, I nuked the Windows install, replacing it with Proxmox. It now has a couple of Windows Server VMs, a couple of Windows client vms, and a few different linux ones.. None of the VMs have any important data on them. I use them purely to experiment.
I wouldn't even trust this device after reinstalling. Considering the likes of ASUS can install rootkits directly on your device via UEFI, I wouldn't be suprised if AceMagic could do the same
I wouldn't trust amazon to care or do anything about this
Thank you for doing what you did! Integrity means more than anything!
Amen bro, I use Norton 360 Gaming one, Fantastic, Got everything you need on it, And it is well worth the price, For gamers Norton is better though it really do drop a few extra FPS in your gaming...
I really do have hate for a person who steals next persons money ect, By hacking a PC, It is like Burglary to me, I been burgled years ago and lost a 3 grand music studio and 5 years worth of Hip Hop production, Also the tramps stole my washing machine, Can you believe that one, Cleaned me right out literally, I have had a fair few times in my life when lets just say I was hurt, But coming home to see my front door open and my flat taken, Was the worst gut punch I ever felt, A week later I was jumped by someone who had a house brick in his hand from the back at night, Wack to the back of my head and the tramp managed to get my Sony Viao, The law don't do anything to these violent people, Even when caught, There was one kid with over 30 burglary charges and still waling the streets at the time, And because the punishment is nothing when people do get caught more and more people will just think, Well I can get away with stealing from another person so why not, The punishment for theft, Or lack of punishment is the reason people will carry on regardless, Stealing that is, It is one of the worst pet hates I have, I was at rock bottom with drug addiction and still never went out stealing from peoples cars, A few people used to ask me if I was going out to raise they used to call it, I always said nor man, I wouldn't like it if someone stole off me so I always said not for me, Even if people hated me and called me what ever, Stealing form someone is a really low move, I won't even shop lift, I feel that some bad karma will come your way if you keep stealing form people, I really do believe if you do good by other people who is weaker than yourself, And look after Nature, Then good Karma will come your way, God will see good things come your way, I do believe you do bad to people and bad will happen to you....
I remember I said to someone who does Pre built gaming PC's on You Tube about the benefits of building or putting your own PC together, It is not hard to do, When you got plenty of step by step vids on You Tube, If you can put a Kitchen together or you do a sophisticated job, Then you will be able to put a PC together, Get someone to show you, I wonder if there is any companies out there who would send a person out to put the PC together for someone, A mobile PC man who will show you step by step on how to put a PC together, Top idea that is, Then people can teach their kids when they know, Education should be free at point of use, An Educated society is far more constructive and refined lol, It makes sense to have a society that is highly educated yeah, It is why I loves You Tube so much, You find the right person doing the video and you can learn nearly anything, lol....
Build your own PC, It will make you feel so much better looking back and thinking Damn I put that together, While saving a ton of money, Just like the BBS02 E-bike motor I fitted to my Mountain bike, Creating my own E-bike, Again thanks to You Tube I learned as well while I was fitting the motor, lol, But yeah Spy ware on a PC you buy isn't a good move.....
Could you test minisforum? Thanks in advance
EVERY pc ships with spyware - it's called WINDOWS.
Insightful 🤔
Well done mate for catching this one, first time on your channel - won't be the last. Great job!
The worst part about them using shadey Windows keys, I want to put Linux on it anyway. Just sell it with a good Linux distro, with permission. I bet liscensing Ubuntu costs less than those scam Windows keys.
Not to mention all the linux distros that'd let you do it for free.
If people want Windows, they can buy a premium mini-PC that's $100 more.
But this malware shit really ruins the whole market for me. Now I don't trust any of the lesser known names Who's to say they will only put malware on the drive, they could absolutely inject malware into the bios. Then even if I replace it with Linux I'd still be keylogged.
Great video!! I’ve always been wary of using my personal credentials on used or little known brand devices. First thing I do when buying used computers is wipe it completely and clean install. I even do that with the routers ISPs provide. The times I’ve switched providers, I’ve asked if they will give me full admin access to the provided router, otherwise it’s a deal breaker (some ISPs don’t allow you to use your own router).
External passkey QR codes and hardware keys can mitigate all these password stealing problems. I wish they try to adopt WebAuthn faster than this. All passwords should be completely gone before 2030. Yes, included ones in the router.
Should be using linux for home video streaming on the big screen anyway.
libreelec works really nicely on the n100 based mini pc I have in the loungeroom.
Bmax? Disappointing in the sense that they are a relative Name Brand that's been around for a few years now. Never owned one, but they aren't a pop up that just appeared like these current mini PC players. I have a couple of pretty old Beelinks. One of which I just put ChromeFlex OS. Both served me well in their day with Windows 10. BeeLink has been around for much longer than Bmax. If I was to get into the mini PC game again, it would be my go to brand. I hope they don't get caught up in this.
Definitely earned yourself a subscriber! found your channel after reading the comments on ETA's latest video.
Appreciate the integrity.
Thats, why i purchase laptops or machines with no OS´s preinstalled....Or i wipe them before using. Still thinking to buy an acemagic, and repartition the drive before using it.
Man that must have been a scary experience, this is why i never go with a pre- installed OS. I always do a clean install on any new hardware i get.
Would nuking windows and installing linux fix this? I have a Beelink minipc (not the same, but not a top tier brand), and I installed linux as dual boot, but actually haven't touched the windows side in a few months. Assuming I have new passwords, should I be safe?
It is a business model
I don't even let windows boot. I take the drive, put it away, put in a new drive and install linux. I am happy without a Microsoft account, password mangler, and all the other terrible things that come with modern windoze versions. I saw how a friend setup a new windose pc a few years ago and it was revolting on what Microsoft does these days. I'll agree that windows defender is actuator reputable.
Thing is that hard to trust companies, hell, even lenovo sell PCs with spyware
So let's see.. computer came from China I take it.... wonder what type of goodies are hidden in the BIOS/Firmware??
That was a great video, I enjoyed it! 👍 One quick question though, what exactly did you use to forensically scan the drive on the "newer" model?
Bruh, ordering from China 101, ALWAYS wipe and reinstall. Granted I do anyway to go Windows -> Linux
My password manager is a white paper. Try hacking that.
Glad I use Linux. (Which has it's problems, I know. But I haven't had this kind of problem ever.)
Its like watching the glorious love child of paul and steve.
You have won the internet today. 😂
Omg the guy replied to my thing. I'm a couple videos deepalready loving the content so far
why because mini pc has now become more durable faster cheaper than most of well known brands. well paid actors. Maybe its very good to use your head on business and think outside of the box (pc)
I like windows defender but it's pretty easy to brake without people noticing
*break
@@DryPaperHammerBro thanks I'm a horrible speller
Actually, all Windows computers ship with spyware. The spyware is named Windows.
This is why I don't save my passwords in any kind of password manager. My passwords and recovery keys are in an encrypted text file on multiple USB drives that are also encrypted. Only my computers with my Microsoft account linked to them can access the contents of those drives. I have a recovery certificate wizard in place if I somehow lose access to any of the drives and the recovery key for that is elsewhere. I'll never save my sensitive data on any of those websites or apps that promise to securely manage your logins, I can't trust that shit.
You can also write them physically down
Put Linux or chimeraos on one and only worry about haxxed efi, another MS gift.
I have a mini forum pc and when I clean installed the Intel nic driver was listed wrong in device manager. Took me while to figure out the issue
What was the issue?
@@blazer511 I wond up downloading Intels entire nic driver zip but in device manager the device was I1225-v and windows update and minis forum own drivers said the same but the driver that works was for i1226-v. Could be an Intel issue but even their DAC software was downloading the former driver
Came off sketchy and I was a little sketched out because I had the ace magician machine first and chrome was doing wierd things like using a significant amount of cpu for no reason. So I thought I un-installed it (it was a headless server) and I thought it came back. This is why I replaced it and did a clean install of windows off the bat. Crazy couple weeks
>gaming NUC
Prebuilt machines like mini pc's, dells, lenovo, and the like pretty much always come with malware or undesirable "bonus" software that might as well be malware. First thing I do is repartition the drive and install some kind of linux. Unless it's my new windows machine, which I only need one of at a time or I'm setting it up for a friend. In that case, I still use a linux install usb but only to wipe/repartition the drive since fdisk gives you a good amount of control over the repartitioning. Then I swap it out for a windows install usb, select "no" on the ten thousand requests for enabling various types of telemetry, set up a local account, and install a suitable browser.
Been through that when I bought a laptop to compliment my self built desktop. The laptop came with a bunch of pre-installed software, all of which was legitimate but either a 30-day trial, after which I had to pay, or was a subscription based "portal" to (browser based) games or suchlike.
After digging around on the net I found that certain companies are paying the laptop manufacturers to install this crap, which they're happy to do because it allows them to sell their products at a lower and more attractive price, while the software people get their money back from the mugs who are fooled into thinking they must have the pre-installed garbage and pay for it.
There used to be a program called "PC-Decrapifier" (no longer in development) which did a great job of removing this junk when installed after first run, and I'm not sure if there's anything else like it now.
Convenience is never worth the risk, and using a factory windows installation is the dumbest thing i can imagine someone who is not tech illiterate to do (if you plan to use it long term).
I get it if my grandma uses it, but people like you have no excuse.
This is worrying. Personally I never buy from Amazon, I don't trust them. I have always built my own PC's to avoid this very issue and more, knowing that my PC is spec'd with high quality components and no proprietary garbage ( cough HP, Dell ) gives me a peace of mind. I still have to be very vigilant with software.
All bad advise assuming hardware and bios root of trust when in fact there is none. A lot can happen before anything on the hardrive boots and you can't really trust the memory mapper or microcode or CPU at that point. The best way to secure it is to throw it in the trash.
The manufacturers use a 3rd party to create the image for their machines. It is easy for someone working for the 3rd party company to slip something in. It is even possible for the company to have a bad actor in the company replace the image.
I now am worried about the 100 dollar mini PC I bought to use but have not used it very often.
Step 1 after buying a PC or other gadget with an OS, from anyone, including big OEM:
format
Would love to see a video on how to scan a newly bought machine [via USB key], without first having to go through the Windows setup process.
Simple : if you're unsure, have either your own boot drive or replace the hdd before you turn it own. Windows is free to download btw
@@phillysupra Am thinking about the mini PCs my work's buys for demo kits. I believe those only have soldered eMMC for boot drive and no SATA or PCIe ports. Good idea about Windows though as there are a multitude of scanners available, but can it be installed to a USB stick ? ( or could it be forced onto a USB stick?)
@@BobBeatski71 windows recommends a usb drive for its OS install. You'd have to boot into the bios to change the boot order if you want to install clean. I've kept a copy of windows since win95.
Also, I've rebuilt my personal pc at least 3 times already with all new hardware and have used the same windows key each time. No need to pay 150 bux each install.
@@phillysupra I'm thinking more along the lines of installing Windows onto a USB stick and boot from that so that I can scan the mini PC internal storage.
FYI the malware is just a part of these computers. They have open access chips on the boards that give ccp access to the computers scary part these chips are placed under other chips.
Kudos to the company for fessing up to you that they had a problem.
It was pretty undeniable. Since this video has dropped many other reviewers have found they dodged a bullet too.
Don't use biometrics. If compromised, you will not be able to change them.
That's why you install linux the moment you get new hardware
When I get a PC with a pre-installed OS, the first thing I do is to wipe the SSD and fresh install an OS downloaded from Microsoft or a Linux distro.
Be careful, turns out the BIOS keys are volume license multiple activation keys - not for resale, could be invalidated at any time.
So what's your suggestion to prevent in activity to happen with the BIOS key??
"Dealing with false virus reports". This is how this manufacturer has chosen to deal with this issue, calling reports like this false, and then releasing clean files to overwrite the infected ones, effectively brushing it all under the carpet. Check out this blatant attempt to discredit these reports on the acemagic drivers download page.
All my pcs hare clean instaled son as the box is open. all btands have some kind of spywhare or blotwhare.
They did not eliminate. They made harder. The moment I cannot bypass, the moment i refuse Windows.
what do you mean? i thought that computers shipped with Windows was normal...
I just wish creators could stop the secondary camera angle trend, it's just awkward and steal focus from the content. Here's there are even two off cameras. Cringe.
Can’t figure out which is my good side. You didn’t even get the top down or hand cam in this one 😂
And fast cuts. Getting dizzy.
Could you look into this brand also? Kamrui. it is suppose to be in the same family.
windows defender is not a good thing. A good thng would be like in linux or osx where you DO NOT NEED that.
Bitwarden is #1 !!! never hacked!