I found another AceMagic PC with a Concerning Security Issue

  • Published on 22 Dec 2024

Comments • 220

  • @LonSeidman
    @LonSeidman  10 months ago +22

    I'm seeing a lot of comments about how companies will likely make sure the malware is not on review units. In this situation the malware appeared ON reviewer units. Most of the time they ship reviewers out of the same Amazon stock they send to consumers. The initial units I received, the ones that tested clean in this video, arrived before the ones that TheNetGuy got for his channel.
    I also totally forgot to mention the giveaways :). You can sign up for my store alert email: lon.tv/storealert to get notified of upcoming giveaways and gadget sales. You can also follow my account on WhatNot with my affiliate link: lon.tv/whatnot where you'll get $15 to spend on their platform.

  • @TheNetGuy
    @TheNetGuy 10 months ago +70

    Hey Lon, I’ve been a huge fan of your work and long time sub. Thanks for mentioning my video. Wow - blocking defender now?! That is super sketchy. Thank you for your diligent research. It looks like the virus issues were isolated to c:\Windows\OsVer folder and some EXE files that were >100kb. If they are there and over 100kb that’s the bad files. If around 5-6kb they are just their normal bypass. The fact they can bypass the network setup portion of Windows 11 - a Microsoft requirement for the OS even from OEMs, it tells me they’re probably using Enterprise volume keys vs retail/OEM. I had an issue trying to activate on a clean install which is why they have all those stickers 😮. Oh, I'll add my ship date was Dec 20th and by Jan 5th my "P2" machine was clean, but had Chrome. They keep improving... or devolving :(

    • @ariessilva
      @ariessilva 10 months ago +5

      Bought my am06 pro in November and just scanned it and it was infected! Thanks for finding out about this!

    • @GregM
      @GregM 10 months ago

      @thenetguy did the P2 Chrome installation have any extensions that changed the search engine? That was one of the things they had done.

    • @TheNetGuy
      @TheNetGuy 10 months ago

      @@GregM no, it was vanilla. I think they learned that lesson.

    • @LonSeidman
      @LonSeidman  10 months ago +11

      Thanks for drawing attention to this issue! I've always been curious how these Chinese mini PC makers get these great deals on Windows 11 Pro. In some cases the PCs don't cost much more than a license does standalone. I'm not sure what's going on with them - as you saw the earlier PCs I had looked clean, Defender worked, etc.

    • @warfab75ph
      @warfab75ph 10 months ago +2

      Maybe they integrated those Microsoft activation scripts into their images. They wouldn't have to pay Microsoft anything if they did it that way.

  • @traviscunningham_1
    @traviscunningham_1 10 months ago +21

    AceTragic
    Great video. I just bought a Beelink mini PC and I ran it through significant scans and continue to. So far so good. I love that little machine.

  • @charlesgi5058
    @charlesgi5058 10 months ago +28

    Appreciate you calling attention to this issue.

  • @samadams4582
    @samadams4582 10 months ago +28

    I work in IT and we apply a custom image for every device that we deploy out. It includes specific software already in the image. You can customize the settings to not even show the OOBE after sysprepping the image and even disable Windows Defender when the computer starts up, blocking Microsoft accounts and even creating backdoor accounts.
    Even though we only buy from the large OEMs, we still want to make sure that there's no junkware or other malicious products running and that's why we apply the image. It also allows us to keep 1 image up to date and when we deploy it across new devices, it's already mostly updated, whereas some vendors' images can be very out of date.

  • @psychoacer
    @psychoacer 10 months ago +13

    I mentioned below but your system most likely is registered with an enterprise cd key that's meant for clients in a large business. The ones that companies buy in bulk and use to install on all their office pc's. So your cd key is for a client and not the admin. This is my guess but considering that you can buy these cd keys for cheap online through the "black market" I'd say it might be it.

    • @soundspark
      @soundspark 10 months ago

      Likely where the keys NorthridgeFix started advertising come from too?

  • @TechwithSTONE4
    @TechwithSTONE4 10 months ago +19

    It's getting to the point, when you buy any PC we should do a clean install.

    • @ServusLibertate
      @ServusLibertate 10 months ago +2

      That's what I always did.

    • @jothain
      @jothain 10 months ago +4

      Doing that for decades. Heck early 2000's especially. All brand computers have s tons of useless garbage in them. Simplest to just reinstall os.

  • @estried86
    @estried86 10 months ago

    Thanks Lon for following up on this, and doing a video on this important subject. #respect

  • @CantankerousDave
    @CantankerousDave 10 months ago +15

    12:35 - To be fair, plenty of nerds feel that being forced to use a Microsoft account is equally concerning and appreciate the instructions on how to bypass it and set up a local account instead.

    • @JessicaFEREM
      @JessicaFEREM 10 months ago +1

      you can also just type in like test at example or something like that.

    • @markanderson2904
      @markanderson2904 10 months ago

      @CantankerousDave Just google "bypass Microsoft account setup". During windows installation, when asked to enter your Microsoft account, look for "skip this step" or "use local account" or similar. The installation will ask you a couple of times to setup a Microsoft account, but will eventually allow you to skip that.

  • @Razor2048
    @Razor2048 10 months ago +6

    It is also recommended to run malwarebytes when scanning those systems, while its full scan is slow, it works quite well.

    • @Comm0ut
      @Comm0ut 10 months ago +2

      If you write zeroes to the drive then reinstall that's even better. I don't save factory installs.

  • @jerrygeorgopolis8015
    @jerrygeorgopolis8015 10 months ago +1

    Lon, Excellent find of Malware on various units ! Good morning !

  • @joeyjojojunior4886
    @joeyjojojunior4886 9 months ago

    Thanks for addressing this. There’s a lot of reviewers of these mini pc’s and I’ve only seen 2 others bring this up.

  • @GregM
    @GregM 10 months ago +19

    The thing is the malware was hidden on the recovery partition which is at the end of the hard drive and which normally is not assigned a drive letter. The same goes for the EFI partition at the beginning of the drive. You would have to use Disk Management to assign drive letters to these partitions. Pull that NVMe drive out put it in a NVMe drive carrier and scan it outside of the computer in another computer.
    I would nuke these from orbit and do a clean install on these mini pcs. This would show whether they are using a kludged version of Windows11.

    • @cjc363636
      @cjc363636 10 months ago +1

      Nukem from orbit. Absolutely!

    • @SpaceCadet4Jesus
      @SpaceCadet4Jesus 10 months ago +1

      @@cjc363636 Who wants to go to orbit to do that? I like my comfy chair.

    • @jothain
      @jothain 10 months ago +2

      I bought used business laptop from reputable company. Still first thing I did was looked that system seemed to be working fully hardware wise. After that confirmation, boot into Linux live and new mbr and deletion of all partitions and OS reinstall from my own media.

    • @ytmadpoo
      @ytmadpoo 10 months ago +1

      Yeah, when it's that sketch and you're already suspicious that malware is present, definitely scan it on another system entirely. Forensics 101.

    • @shmehfleh3115
      @shmehfleh3115 10 months ago

      @@cjc363636 It's the only way to be sure.
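
A read-only triage sketch for the indicators reported in the comments above, added here as an example and not taken from the video or from any commenter: it lists EXE files under the `C:\Windows\OsVer` folder using the size heuristic @TheNetGuy describes, reports whether Defender is disabled by policy, and lists the partitions without a drive letter that @GregM says a normal scan skips. The function names are hypothetical, the 100 KB threshold is the commenter's observation rather than a verified signature, and an elevated PowerShell session on Windows is assumed.

```powershell
# Added example (not from the video): read-only triage of a factory Windows image.
# Function names are hypothetical; the folder and size threshold come from the
# comment thread and are an observation, not a verified malware signature.

function Get-OsVerFinding {
    param(
        [string]$Path = 'C:\Windows\OsVer',   # folder named in the comments
        [long]$ThresholdBytes = 100KB          # commenter: EXEs over ~100 KB were the bad ones
    )
    if (-not (Test-Path -LiteralPath $Path)) { return }
    Get-ChildItem -LiteralPath $Path -Filter '*.exe' -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            [pscustomobject]@{
                Path      = $_.FullName
                SizeKB    = [math]::Round($_.Length / 1KB, 1)
                OverLimit = $_.Length -gt $ThresholdBytes
                Signature = (Get-AuthenticodeSignature -LiteralPath $_.FullName).Status
                SHA256    = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            }
        }
}

function Get-DefenderFinding {
    # The "turn off Defender" Group Policy setting is stored as DisableAntiSpyware here.
    $policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender'
    $policy  = Get-ItemProperty -Path $policyKey -ErrorAction SilentlyContinue
    $service = Get-Service -Name WinDefend -ErrorAction SilentlyContinue
    $status  = $null
    # The Defender cmdlets can be absent or fail on a tampered image; treat that as data.
    if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
        try { $status = Get-MpComputerStatus -ErrorAction Stop } catch { $status = $null }
    }
    [pscustomobject]@{
        PolicyDisableAntiSpyware  = if ($policy)  { $policy.DisableAntiSpyware } else { $null }
        ServiceStatus             = if ($service) { "$($service.Status)" } else { 'missing' }
        AntivirusEnabled          = if ($status)  { $status.AntivirusEnabled } else { $null }
        RealTimeProtectionEnabled = if ($status)  { $status.RealTimeProtectionEnabled } else { $null }
    }
}

function Get-UnletteredPartition {
    # Recovery and EFI partitions normally have no drive letter, so a scan of C: never sees them.
    Get-Partition |
        Where-Object { [string]$_.DriveLetter -notmatch '[A-Za-z]' } |
        Select-Object DiskNumber, PartitionNumber, Type,
            @{ Name = 'SizeGB'; Expression = { [math]::Round($_.Size / 1GB, 2) } }
}

# Collect everything first, then print; nothing on the machine is modified.
$report = [pscustomobject]@{
    OsVerFiles = @(Get-OsVerFinding)
    Defender   = Get-DefenderFinding
    Partitions = @(Get-UnletteredPartition)
}
$report.OsVerFiles | Format-Table -AutoSize | Out-Host
$report.Defender   | Format-List            | Out-Host
$report.Partitions | Format-Table -AutoSize | Out-Host
```

The output describes only the running image; it does not replace the commenters' advice to scan the drive from a separate machine.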

  • @jimtailor6609
    @jimtailor6609 10 months ago +1

    Thanks Lon. I know we can all count on you to stay on this! This situation does not bode well for any of the off brand computers.

  • @TrusteftTech
    @TrusteftTech 10 months ago +10

    Outside of something hiding in the BIOS or something, shouldn't securely erasing the SSD (or replacing it) and then installing your own copy of Windows, solve any potential problem such as this? Since the Windows license/computer is activated, you shouldn't have a problem doing a fresh installation and having it authenticating just fine...right?
    Cool video, thanks for sharing and good luck.

    • @Comm0ut
      @Comm0ut 10 months ago

      Safe activation is an option (the MDL and other forums explain how and why) so you can run whatever you like and activate it.

    • @Gramini
      @Gramini 10 months ago

      No need for secure erase, just install another OS (be it Windows or anything else) is enough.

    • @TrusteftTech
      @TrusteftTech 10 months ago

      @@Gramini What? no. Why risk it?

    • @Gramini
      @Gramini 10 months ago

      @@TrusteftTech Because there literally is no risk. Installing a fresh OS overwrites the partition, so the files are no longer there. Worst case would be that the bytes of the compromised files are still there somewhere, but unused and inaccessible from the file system.

    • @TrusteftTech
      @TrusteftTech 10 months ago

      @@Gramini It's silly not to do it.

  • @motomagic79
    @motomagic79 10 months ago

    Thanks!

    • @LonSeidman
      @LonSeidman  4 months ago

      Thanks for your support! Sorry for the late reply :)

  • @JessicaFEREM
    @JessicaFEREM 10 months ago +1

    it doesn't matter if you had to go through the OOBE, microsoft included a method to bypass the OOBE for OEMs to preinstall junkware and then reboot back into the OOBE.

  • @MyITSandbox
    @MyITSandbox 24 days ago

    From my many years of IT experience. One of the first rules when receiving desktop/laptop computer hardware from less known computer manufacturers, containing pre-installed version of Windows; format the drive and re-install your operating system (Windows/Linux).

  • @foxglove9
    @foxglove9 10 months ago +2

    Great followup. Curious to see where this goes. I recently got one of these mini PC's from a different, but similar, manufacturer and I have always been concerned about malware or spyware. I mainly use it offline and never use any personal passwords.

  • @OldMan_PJ
    @OldMan_PJ 10 months ago +6

    Do a clean install of Windows using the installer from Microsoft and see if it still activates and has Defender working.

  • @DalmationProductions
    @DalmationProductions 10 months ago +8

    And this is why I don't trust Mini-PCs in terms of lesser known manufacturers

  • @NexGen-3D
    @NexGen-3D 10 months ago +17

    Every time I purchase one of these mini pc's I wipe it, install a fresh copy of Windows and then spend the better part of a week trying to find all the drivers for the weird arse hardware they used, better to buy a used Dell Micro, at least the drivers are easier to find....

    • @WareWolf801
      @WareWolf801 10 months ago +4

      In device manager, the device ID of whatever item needs a driver, will help you find its driver...

    • @NexGen-3D
      @NexGen-3D 10 months ago

      Oh I know buddy, but in the case of these mini PC's it can still be a crap fight to obtain operational drivers, one finds themselves downloading 5yr old driver packs from random places like Lenovo, Dell and HP to get things working, I've been messing with computers for over 40yrs, so I've been around this scenario many times.@@WareWolf801

    • @remixedcat
      @remixedcat 10 months ago

      with dell and their service tag thingy they make it very easy to get exact drivers too @@WareWolf801

  • @TrenchReynolds
    @TrenchReynolds 10 months ago +20

    I recently bought a laptop from Chuwi. When Windows didn't ask me for my Microsoft account, I wiped the drive and did a fresh install of Windows.

    • @MegaSunspark
      @MegaSunspark 10 months ago +1

      Hmmmmmmm....Chuwi? The name itself is suspicious. Maybe it'll chew up your IT security. It's good that you wiped and clean installed, but like Lon said, you don't know what's in the BIOS or UEFI, or even some of the chipsets.

    • @chaseschubert6711
      @chaseschubert6711 9 months ago +1

      Hello, I recently bought a mini pc and am seeing the same thing. I am wondering how to do the drive wipe and clean install like you did, can you help me?

  • @neilroder2845
    @neilroder2845 10 months ago +4

    Might want to do a scan with Malware Bytes. It has always found stuff missed by most Anti Virus software.

  • @John451vfr
    @John451vfr 10 months ago +6

    My Acemagic from Amazon had Defender, passed initial Scans, seemed fine but some weeks after all of a sudden Edge started spinning then Redline Virus alert popped up....Even though Remote Desktop was Off, I wonder if there is a Backdoor that loads the Virus afterwards or Virus remains dormant for a Time ?

    • @magis123
      @magis123 5 months ago

      yes that is exactly what they do

  • @MrJimbok1
    @MrJimbok1 10 months ago +1

    Couple ideas to check for deeper problems in these machines. Print out a copy of the devices that need device drivers, then install a plain copy of Windows onto the device. Then hook up a pc between the minipc and the internet that logs all internet interactions: time, ip address, port number, and that data going thru the internet and look for anything unusual. This also could be done by loading linux onto the pc and looking for unusual internet transactions in the same way. This will probably detect problems in the bios and other hardware with software in them.

  • @dschirpke
    @dschirpke 10 months ago +7

    The problem I see is, are people really going to want to buy a computer that they can not trust and need to run a virus scan on before they can use it?

    • @federicocatelli8785
      @federicocatelli8785 10 months ago +2

      Saving a few bucks is not worth the hassle to me

  • @ThatGoth
    @ThatGoth months ago

    The problem is Rootkits kick in before windows and before your antivirus so you should be doing scans from bootable USB devices that also scan the EFI and Recovery Partitions.

  • @dschirpke
    @dschirpke 10 months ago +6

    No defender. To me, that means only one thing, time for a fresh OS install. I would not trust that thing at all.

    • @TheNetGuy
      @TheNetGuy 10 months ago

      And I've had problems with their Enterprise keys not letting you use non-Work Microsoft accounts to install. Quite the pickle.

    • @dschirpke
      @dschirpke 10 months ago

      Sounds fishy.

  • @SoySauceJohnny
    @SoySauceJohnny 10 months ago +2

    Lon, great video. I think they need to switch vendors or do the imaging in house. Something stinks here because even though there is the occasional dud, no one is complaining about the quality of the box itself. I really like this mini PC trend and would hate to see bad actors spoil that trend- these machines are easy on the wallet and easy on the electric bill. I'm awaiting the follow up.

    • @LonSeidman
      @LonSeidman  10 months ago

      My thoughts exactly.. This is really about a quality control issue and setting some standards about what these machines should look like when they leave the factory.

  • @AdamNeal
    @AdamNeal 10 months ago

    I wonder what would happen if a fresh Windows from a USB drive was installed from the media creation tool? Or a Linux distribution?
    I like the mini PCs for small tasks and will keep in mind to trash the hard drives or wipe them clean.

  • @K24Z3CU2
    @K24Z3CU2 10 months ago

    I recently purchased an ex-gov lease HP mini G3 PC for my father and it came with Windows 11 Pro pre-installed and setup with a user account (User?) which I didn't like because it was already active and setup by someone else. I immediately formatted it and downgraded to a volume licensed version of Win 10 Pro. No issues to worry about now.

  • @annabelle-nn2ov
    @annabelle-nn2ov 6 months ago

    I received my AD08 mini pc last October, and I'm glad I received it "clean"! I think it may just be a problem with one batch.

  • @GaryZenkerStoryteller
    @GaryZenkerStoryteller months ago

    Thanks for the video. My question is that if I initialize Windows and allow internet access, haven't I already opened the barn door for problems for malware etc already on the machine. Shouldn't there be a process that I DON'T allow internet access and run tests. Hitman won't work if I do that, by the way

  • @DanDoesGame
    @DanDoesGame 10 months ago

    They sent me a mini PC as well, the one with the thermals on the front & I ran a malware scan.... mine also had malware

  • @-Brunnen-G
    @-Brunnen-G 10 months ago +1

    Windows has a superuser admin account you can activate so you might be able to reenable Windows Defender. The superuser account allows much more access to Windows than the "normal" admin account. There are instructions on how to do this online. That might illuminate some issues.

    • @Gramini
      @Gramini 10 months ago

      Regular Admin should be enough to change group policies.

  • @69mazzz
    @69mazzz 10 months ago +5

    Britec09 did 2 videos in the past week about this issue.

  • @John451vfr
    @John451vfr 9 months ago

    unfortunately purchased one of the Redline infected AD08 mini pc in January from Amazon, I replaced the SSD and installed a Retail copy of WIN11Pro. But now I'm concerned if there may be a Logo Virus on its AMI motherboard, has anybody checked for this ?

  • @jothain
    @jothain 10 months ago

    Lon. Could you try to recover the machine and see if Defender is still missing? If it is, then someone has fiddled around a lot with the OS level files.

  • @JessicaFEREM
    @JessicaFEREM 10 months ago

    most malware scanners only scan your main partition, the guy who scanned it did a full scan on the recovery partition and that's where he found it.

  • @MetalJesusRocks
    @MetalJesusRocks 10 months ago +3

    I reviewed an AceMagic mini pc almost a year ago and it didn’t have Chrome or anything weird on it thankfully. That said, this is all very disturbing and reminds all reviewers to make sure they double and triple check this stuff. Really bad stuff. 😢

  • @deersakamoto2167
    @deersakamoto2167 10 months ago +2

    Even more reason to make sure any mini PC you buy is Linux compatible and always do a clean installation of your favorite distro🐧

  • @RobNance
    @RobNance 10 months ago +3

    AceMagic is cooked. Why would anyone bother with them after watching your very informative and thorough video. Keep up the good work.

  • @LeeMaiden
    @LeeMaiden 10 months ago +1

    Reminds me of when Lenovo got caught with the spyware they were installing on the PCs they sold.

  • @Huck49
    @Huck49 3 months ago

    If I were to buy one of these computers I would immediately install a version of Linux on the hard drive and blow out windows would that alleviate the spyware or is it in the bios

  • @samK1XT
    @samK1XT 7 months ago

    Hi lon,
    Can you check if gmktec mini pc's are affected with any malware?

  • @wrxman16
    @wrxman16 9 months ago

    Serious question, just one of their units from Amazon and i signed into my google account after initial setup. I noticed chrome looked odd so i had google kick the login out through my 2 part verification on my phone. Am i screwed as far as the password stealing etc....? Im not tech savvy so im in the dark as to how a lot of this works.....

  • @CraigLong
    @CraigLong 10 months ago +2

    Security is something that many people don't take seriously.

  • @NinjaRunningWild
    @NinjaRunningWild 10 months ago +2

    Windows Defender being disabled is a MAJOR red flag. There could be malware on _any_ level of that machine; even down to the chip level. The only way to be sure is to run Wireshark (et al) & trace the IPs for a period of time to vet the machine, & even that might not be conclusive. I'd be nervous about even putting that on my network.
    - ex game programmer

  • @69mazzz
    @69mazzz 10 months ago +3

    Best to buy barebones and install your own HDD and Ram. Only way to ensure you have a clean installation.

    • @Comm0ut
      @Comm0ut 10 months ago +2

      Depends on the price since wiping is trivial before doing your own install. I keep a Ventoy live USB with a variety of live toolkits. All free so why not?

    • @Gramini
      @Gramini 10 months ago +1

      Or simply install the OS on your own. Using your own part is likely cheaper, but not necessary to do a clean installation.

    • @remixedcat
      @remixedcat 10 months ago

      some malware resides in UEFI/BIOS as well so you gotta watch out for that as well @@Gramini

  • @rchltmedia
    @rchltmedia 10 months ago

    how they managed to disable defender via group policy? i tried modifying gpedit, it always fails...

  • @michaeldemers2716
    @michaeldemers2716 10 months ago +2

    I want to get a new PC but this is happening all over the place. Even if you do a factory reset it doesn't help because it's in the chips. Scary stuff coming straight from a corporation.

  • @itiswhatitis8179
    @itiswhatitis8179 4 months ago

    I see that I can get an Acemagician A06 Pro for just over $200.00 right now. I have no intention of ever running Windows 11 on it, but am wondering if it can run Linux Mint Cinnamon without issue. Any feedback from others that have done this would be welcome. Processor would be AMD Ryzen 7.

  • @danielM7181
    @danielM7181 10 months ago +1

    Maybe a windows clean install will solve the "defender" problem ?!

  • @Quint1975
    @Quint1975 3 months ago

    I'm looking to purchase a Mini Pc and from what I can tell, all the Chinese branded mini pc's are suspicious with some brands a complete no go. Are there any that I can even consider? Beelink and Trigkey from what I've researched seem the least likely to have malware/virus/spyware infections. Does anyone know a reliable, safe brand to consider? The machine isn't for me so I won't be able to run malwarebyte scans etc.

  • @7_of_9
    @7_of_9 10 months ago +1

    If it's Chinese or Russian or from India, you want to wipe the hard drive immediately.
    Now, we have found that many Chinese computers, smart plugs and Cameras have malwares inside their firmware.. Not your average joe can inspect a firmware and be knowledgeable enough to detect these malwares. A good percentage of them are found on Amazon as top sellers. Also a lot of these high 4k security cameras are used in sensitive areas and that's exactly what the Chinese dictator wants.
    I highly recommend you avoid all Chinese stuff, your smart plugs is sending data at 3am 😅. Seriously avoid everything Chinese for safety reasons!
    Not just computers, also batteries we found to have infected BMS.

  • @percival23
    @percival23 10 months ago +1

    What use of these computers would be so important that it exceeds the level of risk. I can't conceive any scenario.

  • @TheArchitect101
    @TheArchitect101 10 months ago

    Does anyone know if the ‘FIREBAT T8 Pro Plus Mini PC Intel Celeron N5095 N100’ from AliExpress are safe?

  • @jabonorte
    @jabonorte 10 months ago

    It's a shame this is happening - part of me feels sorry for the company but they dropped the ball on their due diligence. It's also exposed several other YouTubers' cosiness with manufacturers, but I'm glad to see that you've given the issue a good look - that's the responsible approach that others have missed.
    Ace (insert name here) are probably a tiny brand, reliant on OEMs to do their manufacturing and I'm prepared to believe that they've been screwed by their hired help, but have had these devices manufactured by the container load and shipped to Amazon fulfilment centres for distribution to the general public. I shudder to think how much damage that scale of malware infection could cause

  • @MyTechGuyTim
    @MyTechGuyTim 10 months ago +1

    This is why I always boot to a USB having used the Windows Media creation tool to wipe the image the laptop comes with

  • @ronm6585
    @ronm6585 10 months ago +1

    Thanks for sharing.

  • @jackoneil3933
    @jackoneil3933 10 months ago

    Thanks for walking through this. Hard to trust such things even if completely wiped. I just spoke with an IT and systems engineer who recently returned from Hong Kong, and he said that malware and spyware was found embedded in major brand SSDs at the firmware level that was tied to CCP state actors. Even if you replace the SSD, can you trust the bios on such computers?

  • @WarisAmirMohammad
    @WarisAmirMohammad 10 months ago +7

    AceMalware

  • @MegaSunspark
    @MegaSunspark 10 months ago

    These cheap manufacturers using enterprise volume licenses for Windows is concerning. I upgraded a Windows 10 machine from HDD to SSD for a family member with a clean Windows install and I couldn't re-activate Windows. I suspected ahead of time that I might run into that problem because the laptop was purchased from some computer shop in a shopping center long time ago but it had been working ok all along until the reinstall. The only reason for the reinstall was that it had slowed down to a practically unusable crawl + the HDD. So I had to use a legitimate Windows license from an old retired machine that I had laying around.

  • @johnscott5105
    @johnscott5105 10 months ago

    I bought a couple mini PCs in the past. Always felt the Windows licensing was a little sketchy. I always wiped drives and installed a fresh Windows from Microsoft's creator tool. The fact the Ace Magician model limits accounts to a local one and Defender is disabled is very concerning.

  • @declanmcardle
    @declanmcardle 10 months ago

    Is it (Windows) activated? Is the product key linked to your MS account or is it stuck somewhere in the BIOS?

  • @the_beefy1986
    @the_beefy1986 10 months ago +2

    ALWAYS reinstall your own OS on hardware when you purchase it. Use an installer you obtained from the OS vendor directly, not the hardware vendor. It might be a little more work to track down drivers, but you're probably a tinkerer if you buy these kinds of systems anyway, right? :)

  • @MADBONE0
    @MADBONE0 10 months ago +1

    Ventoy usb - fresh w10pro install
    😊🙌🏽

  • @marksmith9566
    @marksmith9566 10 months ago +1

    I would start by replacing SSD and reinstalling Win 11 Pro. Then see if Windows Defender is able to run. If not STOP and try to get a BIOS image.

  • @dschirpke
    @dschirpke 10 months ago +4

    In my opinion, in light of these recent developments, I say these mini pcs are only a viability option if you plan to run linux on them. The possibility that they may be infected means to be safe a clean OS install should be performed. You could install windows and spend time hunting for drivers, or you could install Linux.

    • @odin8807
      @odin8807 3 months ago

      And what mini pc you buy? Its easy to clean install linux mint?

  • @timothystevenhoward
    @timothystevenhoward 10 months ago

    agree with psychoacer below that this is most likely a Windows Enterprise Key. might be able to confirm that with some digging. Also, the malware was apparently embedded into the recovery partition or recovery image that came with the pre-load image. ie, you must nuke the whole OS, wipe and reformat and reinstall from a fresh clean drive. we are assuming at this point the bios is legit. still not a great situation. ymmv.

  • @bmiller949
    @bmiller949 10 months ago

    I usually use these mini PCs as my firewall. This could be scary if the malware was in the BIOS.

  • @remixedcat
    @remixedcat 10 months ago

    better to get an SFF optiplex or an NUC much cheaper and less malware on them... lenovo was good but they have malware in the bios so you gotta install coreboot or libre boot

  • @cordlesswire
    @cordlesswire 10 months ago

    whats the pc in the thumbnail? a rendering or an actual product?? thanks.

    • @LonSeidman
      @LonSeidman  10 months ago

      Rendering

  • @LeeMaiden
    @LeeMaiden 10 months ago

    I almost bought a Kamuri, but went with the Beelink EQ12, got its Win 11 Pro on my M$ account, removed that NVMe and put another one in and installed LMDE 6, I don't care for Windows.

  • @reginafelangie6056
    @reginafelangie6056 10 months ago

    Seems quite suspect! Blocking Windows Defender says to me it's been messed with intentionally. I wouldn't want anything to do with that pc. Thanks for the video.

  • @漫贤曾
    @漫贤曾 6 months ago

    genius can you review ACEMAGIC again for other newer models from his family? Like the ACEMAGIC M2A. I've heard they've solved that problem.🤔🤨

  • @BlitzkriegGT
    @BlitzkriegGT 10 months ago

    i miss a lot of thing in your check see hidden files, check program list in control panel an wipe out the original drive

  • @russc788
    @russc788 10 months ago

    If you reinstall windows immediately does this resolve the issue?

  • @_GarethRossUK
    @_GarethRossUK 10 months ago +2

    That offline profile, isn't that a red flag for a cracked Windows installation? 😳

    • @psychoacer
      @psychoacer 10 months ago +4

      I don't think anyone cracks Windows anymore. They just use a 3rd party authenticator. So that wouldn't cause this issue. Most likely the key was for some form of enterprise Windows install. Probably a bulk IT cd key that treats everyone but the admin as a client/not admin. So it's restricting things that usually are maintained by the corporate admin.

  • @Chris_In_Texas
    @Chris_In_Texas 10 months ago

    You have a gray market computer as well with respect to Windows. Using the enterprise license I am sure if way outside the T&C, and that is why they want to make sure there is no network connection or it would have failed if you tried to create a MS account. 🤷‍♂🤦‍♂

  • @bhagmeister
    @bhagmeister 10 months ago +1

    Son on your upfront disclosure: did you say that all the units to be assessed were provided by ACE Magician? Pardon me but whether any money was exchanged, where is the integrity of the units provided? I would dare say those units should be treated as suspect rendering any assess for “spyware” null and void.

    • @LonSeidman
      @LonSeidman  10 months ago

      If I remember correctly these were shipped to me from them but through their stock in Amazon - the same stock customers would receive them from.

  • @itsaperfectdork
    @itsaperfectdork 10 months ago

    If i got one i would put my own copy of Windows on. i do that anyways with any pre loaded OS even with major brand names. This to me would be a tinker toy and no personal info would be on it.

  • @ToumalRakesh
    @ToumalRakesh 8 months ago

    They're still active on Amazon and they are very busy deleting comments mentioning the malware. This absolutely looks like it's being done on purpose.

  • @AxelPironio
    @AxelPironio 10 months ago +4

    PSA: don't plug any suspicious device into a home LAN :)

  • @z352kdaf8324
    @z352kdaf8324 10 months ago

    dang bro, I'm pretty sure you are in the dry cold north east, but get some gold bond on that skin... or get a humidifier...

  • @genepitney155
    @genepitney155 10 months ago +2

    I bought one and it was registered to Hu Flung Poo.

  • @-iIIiiiiiIiiiiIIIiiIi-
    @-iIIiiiiiIiiiiIIIiiIi- 8 months ago +1

    The ONLY recommendation you should be giving if people choose to still purchase these products is to wipe the entire drive and start from scratch.

  • @kumarp3074
    @kumarp3074 10 months ago +5

    I've always built my own PCs and will continue to do so. I like the Mini PC form factor but the level of control I get from a self built machine is worth a lot more to me.

    • @RomanOnARiver
      @RomanOnARiver 10 months ago +4

      You can get the best of both. Look into cases by Silverstone. They even have some that can fit a full size ATX board too. They're really good for under the TV.

  • @unknownuse
    @unknownuse 9 months ago

    Metal Jesus sent me here and said windows defender is all you need to be protected.

  • @BrunodeSouzaLino
    @BrunodeSouzaLino 10 months ago

    I guess this is the "magic" being performed by AceMagic... As per doing low level things like pulling BIOS files, Wendell from Level1Techs is one of the guys you can go to.

  • @CraigLong
    @CraigLong 10 months ago +1

    Do a Malwarebytes scan.

  • @christiancrow
    @christiancrow 10 months ago

    I play the The magician of spyware card ,
    Sorry i had to lol love the work you did !

  • @exodous02
    @exodous02 10 months ago +1

    Who gets these mini PCs and doesn't immediately install a fresh install of Linux or Windows, or any other OS? Don't use the software ANY computer vendor installs. Even if you get a Dell or Lenovo wipe it and start from new.

    • @bigtom1948
      @bigtom1948 10 months ago

      You are right about Lenovo. My Ideapad 3 came with a nasty little trojan. Had to do a fresh install of Win 11 for that to go away it was that tenacious.

  • @ecwnikos
    @ecwnikos 10 months ago +1

    no defender no way for me

  • @jameswubbolt7787
    @jameswubbolt7787 10 months ago

    You're not a low level to me. Your videos are always great.

  • @The07059
    @The07059 10 months ago

    Just reformat it to a clean windows or Linux if the price is very compelling.

  • @bbgarnettTotallyNotABot
    @bbgarnettTotallyNotABot 10 months ago +4

    Keep up the great work

  • @ariessilva
    @ariessilva 10 months ago +1

    Damn it. I have the am06 pro and sure enough it had the trojan.... 😡 thanks for letting us know Lon! Time to change my passwords and nuke this os install

    • @bigtom1948
      @bigtom1948 10 months ago

      I dodged the virus/malware/trojan with my AM06 Pro 5700u model. Even so I did a clean install of the OS following Carey Holtzman's method and so far it's running like a champ. Here's a link to his method, it really worked well for me. th-cam.com/video/Qp2huqOVDkE/w-d-xo.html

  • @sbccave4015
    @sbccave4015 10 months ago

    Sophos scan and clean is the 100% free version of hitman pro