Why does Windows Remote Assistance (MSRA) report "PPAppLockdr64.dll is not designed to run on Windows or it contains an error" 0xc000428 ?
An issue can occur when running Microsoft Remote Assistance (MSRA) or the Cortex XDR Tray Process (cytray.exe) with the Netwrix Endpoint Policy Manager (formerly PolicyPak) CSE installed, you will see one of the following error messages.
Error message seen is below and says "PPAppLockdr64.dll is either not designed to run on Windows
or it contains an error. Error status 0xc0000428.
This is a problem with Microsoft Remote Assistance (MSRA) and/or Palo Alto Cortex XDR Tray Process (cytray.exe) on Windows 10 1903 and later and also on Windows 11 when the Endpoint Policy ManagerCSE is installed.
There are at least two possible workarounds to the problem depending on whether the issue is with Microsoft Remote Assistance (MSRA) or Cortex XDR Tray Process (cytray.exe).
WORKAROUND 1
(RECOMMENDED) Will resolve the issue for both Microsoft Remote Assistance (MSRA) and Cortex XDR Tray Process (cytray.exe)
Disable the PolicyPak AppLock(TM) feature in the Endpoint Policy Manager CSE.
Endpoint Policy ManagerAppLock is the feature in PP App Manager which GRAYS or HIDES UI elements.
NOTE: Endpoint Policy Manager AppLock is NOT related to Microsoft AppLocker.
Here is the Endpoint Policy Manager side workaround if you are encountering this error:
How do I turn AppLock off or on based upon the CSE version I'm using?
NOTE: IIn general it is NOT recommended to stop Endpoint Policy Manager AppLock.
WORKAROUND 2
Only works for Microsoft Remote Assistance (MSRA).
Step 1 – Use the Windows Search to find "Exploit protection" and open exploit protection settings
Step 2 – Click "Program settings"
Step 3 – Then click "Add a program to customize", and choose "Add by program name"
Step 4 – Enter "msra.exe" and click "Add"
Step 5 – Scroll down the list of options until you find "Disable extension points"
Step 6 – Check the "Override system settings" and set the slider to "On"
Step 7 – Then click "Apply" to save your changes
Step 8 – If "msra.exe" is currently running, be sure to end task on "msra.exe" using taskmanager.
Step 9 – Now the next time "msra.exe is launched it will work properly without displaying the error.
Optional: FoFor Workaround 2 you can use Endpoint Policy ManagerScripts Manager to apply these settings to multiple computers/users via PowerShell, for steps please see the KB below: