"Couldn't load XPCOM" - Browser is completely bricked. Topic is solved

[back2themoon]

Open Windows Security → Virus & threat protection
Scroll to Virus & threat protection settings → click Manage settings
Scroll to Exclusions → click Add or remove exclusions
Click + Add an exclusion → choose Folder
Browse to the folder and confirm

OR use this tool:

https://www.sordum.org/10636/defender-e ... tool-v1-4/

BTW I did not notice a message from WDefender that it had done anything.

Isn't it great? Does all the work for you - no need to know anything.

[Moonchild]

Also, it seems the antivirus team at Microsoft made some big mistakes. Another false positive nuked DigiCert root certificates breaking trust chains on many systems.
https://www.digicert.com/blog/microsoft ... as-malware

[gorodn]

Aaaaahh Moonchild, I think you made a mistake here - it wasn't only the antivirus team, it was the whole extended crew. I'm put in mind of the old saw: "Why should I pay for Windows when I can get malware for free?"

My recommendation for malware is AppGuard for day-to-day usage, with EmsiSoft for scanning. I use the Emergency scanner on a more or less monthly schedule to just sweep out the usual suspects, but if you're wedded to AV scanners as a technology then the full EmsiSoft suite should be adequate. And no, neither of these give me any reward. I would actually be using them, except for Microsoft's expected stupidity in not allowing Defender to be fully uninstalled... somewhat less useful than Outlook (probably the most dangerous email client available). Defender is spending most of its time fighting itself and arguing with PowerShell.

[back2themoon]

I feel I need to stress again a few points. Antivirus-es today are mostly about Web Protection, not single, nefarious virus files downloaded from questionable websites - although this can still occur too.

Windows Defender's Web Protection is only fully active on Microsoft Edge. That's "SmartScreen" It might only partially work on "known browsers", and is most probably ineffective, or even completely irrelevant on Pale Moon. So, it does mostly nothing for Pale Moon users.

What does exist is "Network Protection". This is an enterprise feature that extends protection at the network level, system-wide. It is not enabled on home versions on Windows. It can be enabled via PowerShell, however: I cannot vouch for its effectiveness, especially for Pale Moon, and I'd never recommend any user to enable this on a home PC. You will probably open another can of worms and still remain on the same, unfriendly UI and poor performance. Most probably poorer, due to the extra work.

[athenian200]

Also, it seems the antivirus team at Microsoft made some big mistakes. Another false positive nuked DigiCert root certificates breaking trust chains on many systems.
https://www.digicert.com/blog/microsoft ... as-malware

Yep, I actually did hit that issue (even though Pale Moon and UXP software was never flagged on my system). Interestingly, even Microsoft's own Copilot admits that Defender often has false positives and told me before this was public knowledge that Defender got it wrong and those root certificates were probably fine, even offering to tell me how to add them back after Defender removed them.

[ownedbywuigi]

Also, it seems the antivirus team at Microsoft made some big mistakes. Another false positive nuked DigiCert root certificates breaking trust chains on many systems.
https://www.digicert.com/blog/microsoft ... as-malware

Yep, I actually did hit that issue (even though Pale Moon and UXP software was never flagged on my system). Interestingly, even Microsoft's own Copilot admits that Defender often has false positives and told me before this was public knowledge that Defender got it wrong and those root certificates were probably fine, even offering to tell me how to add them back after Defender removed them.

FYI: Copilot is actually just a wrapper for ChatGPT. MS just pays OpenAI a shit ton of money to let them use their models.

[algorimancer]

I've had this problem for the past week. Tried uninstalling and reinstalling, no luck. Installed an older version, and the problem persists. Also manually deleted Pale Moon directory from the Program Files directory. No luck. Went on vacation for several days, hoping it would be resolved, but upon returning and installing Pale Moon it is still there. Tried installing from Windows Store, same problem.

I tried excluding the Pale Moon directory from Windows Defender, but then when I run the browser I immediately get the message:

c:\Program Files\Pale Moon\mozjs.dll is either not designed to run on Windows or contains an error. Try installing the program again or contact your system administrator or the software vendor for support. Error status 0xc0e90007.

Upon googling the error, it says: indicates a "Bad Image" issue, usually caused by corrupted Visual C++ Redistributable files, missing DLLs, or a 32-bit/64-bit architecture mismatch.

Clicking past this message, I immediately get another message: Couldn't load XPCOM.

It is looking to me like there may genuinely be a problem with mozjs.dll, completely aside from being blocked as Trojan:Win32/Posilod.EB!c. Possibly this is due to some change made in updates to Windows 11 which are incompatible. It has been a long time since I did VC++ development, but maybe it would be worth recompiling mozjs.dll to account for the current state of Windows 11?

[Daikun]

It is looking to me like there may genuinely be a problem with mozjs.dll, completely aside from being blocked as Trojan:Win32/Posilod.EB!c. Possibly this is due to some change made in updates to Windows 11 which are incompatible. It has been a long time since I did VC++ development, but maybe it would be worth recompiling mozjs.dll to account for the current state of Windows 11?

Windows Security is false-flagging that file as a Trojan. Go into Windows Security -> Protection history. Click the false Trojan file. Click Actions -> Restore.

Then use the steps provided at the top of this page to exclude the Pale Moon folder from being scanned (and false flagged) by Windows Security in the future.

[Moonchild]

I'm not entirely sure why this problem persists; it's just a false positive and Microsoft should update their definitions accordingly; normally this happens within 12 hours, not days.
as for the "bad image" error, it's because your system tried to load the dll, and then while it's being loaded, defender steps in and kills the load in progress, confusing your OS as to the state/compatibility of the .dll as it could access it initially but is then blocked from loading functions from it.