We purchased a small Pick and Place machine from China for doing small batch runs and prototypes. This post is to document the experience of buying and setting up a ZhengBang ZB3245TSS Pick & Place Machine. The company offers several other models, but we chose this one as it has 58 possible feeder slots meaning we could keep almost all the standard SMD components we usually use in the machine.
Spoiler Alert: Our machine came with malware preinstalled which was able to infect any USB device plugged into it! This will be discussed later in the article.
We ordered the machine on AliExpress at a total price of about £4k GBP excluding import duty. It arrived just before we shut down for Christmas so it sat for a week before we had chance to look at it. It came pretty well packed in a large wooden crate and needed two people to lift it out of the box to put it in place.
There was not really much to plug into the machine to get it started. Basically monitor, keyboard, mouse. When switched on the machine would boot very quickly into Windows 7 Ultimate. When asking the supplier if we could update it to W10, we were told that it would stop the machine from working. A little disappointing since this is a brand new machine and W7 has been out of support since Jan 2020.
The machine came with two aluminium bars and a round rod which were not mentioned in the manual or videos. Support told me it is to hold the larger reels and sent a photo. Unfortunately it seems they sent the wrong part as there is no way for those parts to fit to the machine meaning at this point we are stuck being able to use only smaller reels. They have told us they will send out the correct part to us.
Being a machine direct from China and at relatively low cost compared to a branded competitor product, our expectations were to have to do a little work to get going with it and work around the typical Chinese product bugs and flaws. Much of the OS and other software on the machine was in Chinese which is a bit of a pain, but the main operating software was in English (well, sort of).
Opening the software called FlyerSMT_HV brought up an unsurprisingly crude looking interface, which homed the machine without any difficulty. We have used pick and place machines before so are familiar with their operation so had a quick look around at the settings and controls. They seemed familiar enough though the English words used to describe them are a little hard to understand. Well there’s always an extensive user manual to refer to right?… Right?
Zhengbang ZB3245TSS User Manual
There was a desktop shortcut on the machine to an English user manual for the machine. There was also a video file demonstrating basic setup. The first pages of the manual show all the parts and buttons labelling what they are called, though only what they are called and rather little about what they may do. For example, there’s a big button on the side of the machine called “FAST BOOT”, and in the manual this is pointed at with a label saying “Fast Boot”… and that’s it! One might guess that this was some sort of fast start-up for the machine, though with it booting from an SSD it was pretty rapid anyway. If you also guessed the same, you would be wrong. We had to ask the supplier what it does as nothing in the manual or videos describes it. We were told “Fast Boot is a button ,if you done finished one time placement,then click this button ,it will directly to placement another PCB.”
One of the first things to do with a pick and place machine is to set up the feeders with your components. There is a section about this in the manual, but again it is very vague and we had to contact support to clarify some points. You might expect that each of the input parameters would be described in the manual, but unfortunately they are not. The bad English makes it even harder to figure out. Support sent us a selection of YouTube videos with some guidance which did help.
At this point we felt we could at least get started editing feeders and setting up so the software on the machine was backed up to a USB stick in case we messed anything up. When plugging this USB into one of our workstations, the AntiVirus immediately popped up saying it was disinfecting the drive! Looking at the log showed it to be the file “FlyerSMT_HV.exe” which is the main operating software for the machine! This file was uploaded to VirusTotal to get an idea if it may be false positive result. VirusTotal told us that 53 out of 69 AV products flagged it as malware. Zhengbang support were told about this and they told us it is a false positive and not to worry as there is AV software installed on the machine. We were sent a new zip file with the software in it. The contents of this zip file did not flag up as containing malware.
We sent the file for proper malware analysis which did confirm that it did indeed contain malware. The malware would collect user data and send it to a remote address. Presumably it would be a way to steal company information such as designs, accounts, and so on. Pretty shady stuff! However, it doesn’t end there!
With the new, uninfected software from Zhengbang, we thought we can just replace the infected one and try again. That seemed to work ok, and we also copied over a few malware removal tools to the machine to make sure. When putting the USB back into a workstation, up pops Bit Defender again, but now flagging up the installers for tools we had just downloaded! They were all showing as having the same infection as FlyerSMT_HV. How could these be infected as they were from legitimate sources and did not flag up when originally downloaded?
After scanning the embedded PC in the Zhengbang machine, with several different AV tools, we discovered more malware including trojan downloaders. This malware would make a hidden copy of any exe on the USB stick, and then re-pack it with some included malware. Clever stuff!
Lots of scanning and manual work eventually has the machine showing up as not infected and the USB devices are no longer being infected. W7 has been updated as far as it can be too, and so far it appears OK. Really though it would be better to replace the SSD with a legit English copy of windows and re install only the software needed. However we will need to make sure we have a copy of all the necessary drivers and so on to get it going again.
AliExpress Says Malware is OK
We contacted Ali Express to report that machines were being sold with preinstalled malware, but their response was not forthcoming. They stated that it does not breach their terms and that no action will be taken. While it may not be against their policy, we know that it is against UK law according to the computer misuse act. Deliberately infecting systems using subterfuge to access computer data without permission is a criminal offence. So there you have it, if you want to sell machines with malware for illegal means, Ali Express has your back! Below is their reply to us…
“Please be informed that the reported listing(s) is / are neither prohibited nor controlled item(s) under our Product Listing Policy.”
Installing Clean Software
We replaced the SSD with a new 256GB mSATA drive and replaced the 2GB RAM module with a 4GB stick. We were told, that the system will not work on Windows 10, but we wanted to at least give it a try and see if there was anything we could do to get it working. We cloned a clean Windows 10 64-bit installation to the SSD which booted up fine and found most of the drivers. The LAN driver was not picked up, so we had to download this from Gigabyte on a another PC and transfer it by USB. Once online, it was fairly straightforward to install the remaining drivers for the motherboard.
The Zhengbang ZB3245 pick and place machine vision cameras are analogue cameras connected to a small PCIe capture card in the built in PC. The capture card in our machine is a Goldvision HV4000 which appears to be a fairly old bit of kit and we could find no legitimate support or drivers for it online. The original hard drive did have a copy of the drivers which we were able to install, but only after disabling driver signature enforcement in windows. Installing the drivers seemed to make the machine blue screen and we have not been able to get any images form the cameras.
The virus-free copy of Flyer_SMT.exe would not run initially as error messages pooped up about missing DLL files. These were common Visual Studio files, so we installed the VCC Redistributable pack from Microsoft and then tried again. The software loaded up, and was able to home the machine normally so appeared to be fully functional apart from the vision cameras. If at some point we find a way to get them to work in W10 we will post here, but at this point we decided to install a clean copy of Windows 7 Pro. We opted for dual boot with a separate partition so that we could go back to the W10 installation if needed later.
Installing Windows 7 32-bit on a new machine felt kinda wrong, but it only has one job to do so it doesn’t matter a great deal as long as it works and stays malware free. The process was similar, though for some drivers we needed to look up the hardware IDs on the PCI database to find the drivers. Once it was all installed the software ran OK, but again no cameras. We contacted Zhengbang support and were told to remove the HV4000 capture card and clean the contacts. This appeared to work, and the system now seems to be operational. However, we booted W10 to have another look if the card would work there now, but it didn’t show up in device manager. When going back to W7, the card was not showing up, and there was no working vision again! We discovered that if the machine were powered off at the mains, and rebooted direct to W7, the HV4000 card would reappear. Weird.
Inside the Zhengbang ZB3245TSS pick and place machine
Opening the machine is fairly simple with a few hex bolts around the top perimeter holding the heavy work area down to the base. With these removed, the top lifts up with hinges at the back and there’s a handy bar inside to hold it up. The hinges at the back do look rather undersized for how heavy the top is, so take care if you open one of these machines!
Inside is quite neat and tidy with the PC inside the black box in the rear left. The PC appears to have an HDMI port and I/O for audio, so if you wanted a different screen, or some audio, this would be possible.
Once we had the system working, We cloned the SSD to an old hard drive using an Acronis bootable USB. Plugging the hard drive into the USB3 ports via a SATA/USB adaptor didn’t work as it just caused the ports and therefore the keyboard/mouse to stop working. We had to use a SATA dock with independent power supply and this worked fine. With the system working, backed up and virus free, we could now get on with adding reels to the feeders.
Adding Component Reels
We are at the point where we can start adding parts (apart for the larger reels due to the missing bits). We will update this article as we go along and add as much useful info as we can for anyone else with such a machine.
We’d love to hear your feedback if you used one or have any suggestions for things like getting the Goldvision HV4000 capture card to work in W10.