Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

What's this "Validation Scan" all about?

My computer is running Win XP Pro SP2. I purchased it last year
via eBay, no install CD, etc. It’s been working fine. Up until just a few days
ago, I had it configured to do almost everything automatically, including
Windows Updates (Control Panel -> Security Center.) On a lark, I began
playing with “Help and Support” -> Updates. Make a long story short, when I
tried to check for updates, I had to run a validation scan and I got a message
saying I did not have a valid copy of Windows – that it had been installed with
a Volume License Key reported stolen or leaked. I was given an opportunity to
download something from Microsoft called “legitcheck” which supposedly will
make my copy of XP Pro “genuine” and qualify me for “full” Microsoft support. I
guess I’m missing something here.

The whole validation and activation thing (WPA, or Windows Product
Activation) is pretty confusing. Most folks were very concerned with it when
QPA was first introduced, but we rarely hear much about it these days. In
general it kinda, sorta works. We’re just not always sure why or how.

The original question was actually several, which I’ll address in moment.
But first, what’s it mean when it reports your install as invalid?

Become a Patron of Ask Leo! and go ad-free!

Naturally, Microsoft doesn’t publish the details of exactly what
that means. But at a high level, Microsoft simply keeps track of the Product
Keys (those strings of numbers and letters that you have to type in when
installing a product), and Product IDs (which are generated from the
Product Keys) that it has determined have been stolen or are otherwise invalid.
That might mean, for example a product key that’s been used too many times. In
fact, this Microsoft Knowledgebase article, “You receive a “The product key used to install Windows is invalid”
error message
“, lists specific product keys that Microsoft has determined
to be invalid. (I’m sure that this list is incomplete, and that other product
keys may also be invalid.)

When you install Windows and activate it, Microsoft has the opportunity to
record the product key you’ve used. If your single-use product key is suddenly
being used to install hundreds of copies of Windows … well, that’s pretty
much the definition of piracy.

The same applies for “Volume License Keys”, which are keys that may be used
on a pre-defined number of computers. These might be machine resellers who
pre-install Windows on all their machines for you, or corporations that use a
mass installation approach to building out their machines.

In any case, there are probably additional ways to determine when a key has
been abused.

Would it make any difference if the VLK (Volume License Key)
was reported stolen or leaked after this computer had the OS installed? In
other words, if Dell (for example) buys a VLK from Microsoft, installs XP Pro
on “X” number of computers, and then reports the VLK as stolen or leaked, do
those “X” computers suddenly become invalid? If a VLK is reported stolen or
leaked, doesn’t Microsoft have a way to invalidate the VLK and/or PID so
installations can no longer be done using that particular
key?

It’s unclear. Certainly they could become “invalid”, but if there’s
no way to differentiate the legitimate installs from the invalid ones, I don’t
think Microsoft can assume one or the other for all. If, for example,
they denied updates to legitimate pre-theft users, that would be both wrong and
a PR nightmare for Microsoft.

If I don’t have a legitimate copy of XP Pro installed, why
would Microsoft just go ahead and validate it? When did MS become
benevolent?

See the previous answer. My guess is that since they can’t positively tell
whether or not you, specifically, were the thief, they’re opting simply to
educate at this point. I would also guess that it depends on what they know
about the specific product key that was used. If they can say for example that
it was a one-use key that’d been circulated on the internet, then perhaps they
might not be so benevolent. But if they traced it back to a reseller who duped
a number of innocent purchasers, the public relations cost of making you pay
for that reseller’s theft might simply be too high to be anal about it.

Since I’m getting all the security updates/patches, how
critical is it (from an operating standpoint) that the XP be validated? What
would validation provide?

Originally it was not important at all. But my understanding is that
Microsoft does or will soon require validation in order to receive updates. The
bottom line is that if your copy is illegal, you aren’t entitled to updates. At
that point, in my opinion, getting legal and registering/validating becomes
critical.

Call me paranoid, but if I use the “legitcheck” can MS somehow
disable my computer remotely and hold me and my computer hostage until huge
sums of money are paid? 🙂

OK, you’re paranoid. 🙂 Of course it could, but I simply can’t see
Microsoft doing anything that outrageous. Once again, the public relations
fallout would be nightmarish, not to mention potential legal ramifications. (A
mission critical computer suddenly stops working because the software’s
pirated? Yikes!) And, even worse, what if that detection code had a bug? There
are just too many ways where this could cause serious problems. Regardless of
how evil or not you think they are, Microsoft simply isn’t that stupid.

Is there a specific Microsoft web site available where I can
get additional info about this “legitcheck”? I tried support.microsoft.com and
checked several areas without success.

“The Product Key is computed from the Validation Key.”

Actually heading off to the main Microsoft web site, microsoft.com lead me
to some resources. The most interesting, I think, is Windows Validation Assistant Questions. Another good
resource is About the Counterfeit
Gallery
. Among other things, it points out that “The Business Software
Alliance (BSA) estimates that ‘a high percentage’ of software sold on auction
sites is counterfeit.”

Depending on my access route, I have 3 different PIDs listed
for the XP Pro. System Properties shows one PID (start -> right click My
Computer); Help and Support -> Pick a task (tools) shows another; and the
registry (HKLM/Software/MS/WindowsNT/current version) shows yet another. Would
this anomaly have any bearing on MS saying I don’t have a valid copy of XP
Pro?

Perhaps. Given that we don’t know exactly how your computer was set up, it’s
hard to say why there might be different PIDs. On the machine I checked, PIDs
in the locations you reference all match.

I visited Magical Jelly
Bean
, used their Key Finder program and it gave me a 25 digit alpha/numeric
code. How does this “key” relate to the PID? If this computer has 3 different
PIDs attached to it, shouldn’t Magical Jelly Bean have found 3 different
keys?

Magical Jelly Bean’s Key Finder, which I have an use as well, reports the
Validation Key. The product CD’s are all identical, but the validation key
that’s printed on each the outside is different for each box. It’s intended
that each installation have a different, unique, validation key.

As I discussed above, manufacturers and corporations can purchase keys that
allow for volume installations using the same validation key on more than one
installation.

The Product Key is computed from the Validation Key.

As we already discussed, it’s unclear why you have three PIDs. I would
assume that Key Finder simply uses one of them to recover the Validation
Key.

Please understand that I’m not trying to screw Microsoft out of
anything. I purchased this computer in good faith. Moral of the story: If it
sounds too good to be true it probably is. Buyer beware.

I didn’t suspect you for a moment :-).

But as your adage is correct – the email spam we all get offering cheap
software, the software that comes “free”, preinstalled on a machine, or at a
discount at the auction sites – it’s all suspect.

And that’s actually too bad, because it does make it difficult for
legitimate retailers to sell their wares via the auction sites as well.

Do this:

Subscribe to Confident Computing! More confidence & less frustration -- solutions, answers, & tips -- in your inbox every week.

I'll see you there!

4 comments on “What's this "Validation Scan" all about?”

  1. How do I remove the “LegitCheck” and “GenuineCheck” from my desktop apart from just deleteing the icons? They don’t show up in the list in “add or remove programs” or “Windows Components” list.

    Cheers,

    Thom…

    Reply
  2. How do I remove the “LegitCheck” and “GenuineCheck” from my desktop apart from just deleteing the icons? They don’t show up in the list in “add or remove programs” or “Windows Components” list.

    Cheers,

    Reply
  3. I have recently updated to Windows XP Pro.
    I validated the CD and was told it appears to be a genuine product.
    I cannot download SP2 as the message comes up may not be genuine product.
    I am a complete novice with computers and would like to know if I can Download SP2 in simple terms.
    Regards………..Steve

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.