About the "Windows protected your PC" warning on install
When you install MoonScanner for the first time, Windows probably showed you a blue screen that said "Windows protected your PC" with a Don't run button and a small More info link. If you clicked around, you eventually found the Run anyway option tucked behind that link.
That's not a bug, it's not a virus, and it's not going to stay that way forever. Here's the straight explanation.
What SmartScreen is actually doing
Windows SmartScreen is Microsoft's reputation system for executables. When you run an installer, Windows checks:
- Is this file digitally signed? A signed file includes a cryptographic signature from a known publisher.
- Does Microsoft recognize this publisher? Even signed software from a brand-new publisher shows a warning until Microsoft has seen enough installs to trust the identity.
MoonScanner's installer is currently unsigned. The warning you're seeing isn't "we detected malware" — it's "we don't know who made this and we can't verify it's what the developer originally built."
Why we haven't signed it yet
Code signing certificates for Windows changed significantly in 2023. Microsoft now requires Extended Validation (EV) certificates for the fastest SmartScreen reputation gains, and EV certs require a hardware USB token physically shipped to the publisher. Between the hardware cost and the slow reputation build even after signing, it was hard to justify as an indie developer.
Then Microsoft launched Azure Trusted Signing in 2024 — a managed signing service that removes the hardware token requirement. Setup takes a few weeks (business verification, identity checks, the full process), and we're working through it now.
When it completes, future MoonScanner releases will be signed, and the SmartScreen warning will disappear for most users almost immediately.
How to verify your download right now
Fair question: "How do I know the installer is actually what LXB Studio published, and not something modified along the way?"
Short answer: SHA-256 hashes. We publish the SHA-256 hash of every MoonScanner installer on the moonscanner.app homepage, in the Installer Verification section. The hash is a unique fingerprint of the exact bytes of the installer — if one byte is different, the hash is different.
To check your download, open PowerShell in the folder where the installer lives and run:
Get-FileHash MoonScanner-v1.1.0-Setup.exe
Compare the hash PowerShell prints against the value on the homepage. If they match, the file is authentic. If they don't match, don't run it — download again from moonscanner.app and re-verify.
This is the same verification pattern Linux distributions have used for decades. Less convenient than a built-in Windows trust indicator, but just as reliable.
Is it safe to click "Run anyway"?
If the SHA-256 hash matches, yes. The SmartScreen warning at that point is about an absent signature, not about detected malware. Windows Defender still scans the file for known threats regardless of signing status — signing doesn't bypass antivirus.
If the hash doesn't match, no. Re-download and re-verify first.
When signing is live
We'll post an announcement here the moment Azure Trusted Signing setup is complete. New installers will carry a valid signature from LXB Studio LLC, the warning goes away for most users, and any license you already have continues to work — nothing to re-activate.
If you have concerns about any of this, reply here or drop a note in the support category. A real person (usually me) reads every one.
— MoonBoss
