Advice Request Roblox Player desktop app not want to work without admin

Please provide comments and solutions that are helpful to the author of this topic.

cryogent

cryogent

Level 7
Thread author
Verified
Well-known
Oct 1, 2016
310
Hi,
i made some changes in H_C app and now i encounter a problem with Roblox player on standard account. Application is unable to start without admin psw because want to update before running.

I looked to see what's the error (EventID 865) and is because is trying to run the update from the Temp folder in C:\Users\USER NAME\Appdata\Local and is blocked from running by SRP
(when I was making the changes I was aware that some possible errors will occur) .

Trying to run the update from that location and because with each update the name of the Roblox folder created there changes its name each time i cannot use a "Whitelist By Path" exclusion in H_C.

How can I get it to run without needing the admin password each time and still have the same settings in H_C?

Maybe trigger a silent update through Task scheduler...but I do not know how to do it...

Changing the setting for "Update Mode" in "More SRP" from MSI to ON not lowering my security setup made in H_C?

L.E. - Roblox player is the one from roblox website not from Microsoft store.
 

Attachments

  • H_C settings.png
    H_C settings.png
    27.6 KB · Views: 134
  • Roblox error.png
    Roblox error.png
    10.4 KB · Views: 158
Last edited:
  • Like
Reactions: vtqhtr413
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,513
The setting < Update Mode > = MSI is mostly used with the H_C setting profile "Windows_10_Avast_Hardened_Mode_Aggressive". In this profile, the EXE files are globally allowed by H_C and protected by Avast Hardened Mode. When using that setting profile, Roblox player will auto-update without a problem.

If the user installed another AV, then the best option is to apply H_C Recommended Settings, where the < Update Mode > is set to ON. The security considerations related to this setting can be found in the Update Mode help:


1698594990731.png


If the user wants to keep < Update Mode > = MSI without whitelisting *.exe files, then the updates must be done manually when the SRP is temporarily switched OFF.
 
Last edited:
  • Like
  • Thanks
Reactions: simmerskool, cryogent and harlan4096
cryogent

cryogent

Level 7
Thread author
Verified
Well-known
Oct 1, 2016
310
Andy Ful said:
user wants to keep < Update Mode > = MSI without whitelisting *.exe files, then the updates must be done manually when the SRP is temporarily switched OFF.
Click to expand...
I already read it the manual and the explanation of "Update mode" but the pc standard user is used by my daughter and I don't want to lower the security by allowing all exe in temp folder for a single game/app.... I know I'm a bit paranoid...or I didn't understand correctly

Greyton said:
You can create an allow exception by creating file path that uses wildcard (*).

Code: 
C:\Users\<user>\AppData\Local\Temp\RBX-*\RobloxPlayerLauncher.exe
Click to expand...
Thanks, if the method I made today will not work I will try the wildcard path and see if it works although I've tried once before without success, it's a bit different from what I was using then.

FYI - I the meantime I find out that Roblox installer has two mode of installation with two different paths of destination.
If you install with "Run as administrator" command the destination is in "Program files" folder and if you install as Standard user the destination is in "Appdata\Local" folder.
 
  • Like
Reactions: simmerskool and Andy Ful
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,513
Greyton said:
Code: 
C:\Users\<user>\AppData\Local\Temp\RBX-*\RobloxPlayerLauncher.exe
Click to expand...

Yes. This more advanced method can work in many cases if the part of the updater folder has a fixed form. Sometimes the asterisk can be replaced by a sequence of question marks. For example, if the folder is "RBX-3246", then the rule can look like:
C:\Users\<user>\AppData\Local\Temp\RBX-????\RobloxPlayerLauncher.exe
 
  • Like
  • Hundred Points
Reactions: simmerskool, Greyton and cryogent
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,513
cryogent said:
Thanks, if the method I made today will not work I will try the wildcard path and see if it works although I've tried once before without success, it's a bit different from what I was using then.
Click to expand...
Did you use the < Add Path*Wildcards > for whitelisting (do not use quotation marks when writing the path)?

cryogent said:
FYI - I the meantime I find out that Roblox installer has two mode of installation with two different paths of destination.
If you install with "Run as administrator" command the destination is in "Program files" folder and if you install as Standard user the destination is in "Appdata\Local" folder.
Click to expand...

In both methods, the update process will probably be done via ..\AppData\Local\Temp. But, when installing with Admin rights, the installation path will be safer and already whitelisted.

If the previous method will not work, then you can try more general rule:
C:\Users\<user>\AppData\Local\Temp\RBX-*
 
  • Like
Reactions: simmerskool, cryogent and Greyton
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,513
cryogent said:
Yes, both.
Click to expand...

What AV do you use? If you installed Microsoft Defender + ConfigureDefender High Protection Level, then it is perfect.
I noticed that you block some LOLBins. That can be also a sufficient protection against weaponized documents, when scripting engines are blocked.
 
  • Like
Reactions: simmerskool and cryogent
cryogent

cryogent

Level 7
Thread author
Verified
Well-known
Oct 1, 2016
310
Unfortunately I don't use Microsoft Defender, I use Kaspersky free....
I blocked all Lolbins provided in FirewallHardening app and some exploit protection settings for Browsers , Excel, Word, Adobe reader.
The security i have is a combo of Kaspersky free + H_C + FirewallHardening + AdGuard Desktop + NextDNS.

And I have in testing few firewalls apps from I need to choose one, and if I find one to suit my needs I deploy on all 3 systems I have...but I'm still in testing, unfortunately firewall apps are not set an forget.
 
Last edited:
  • Like
Reactions: Andy Ful and simmerskool
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,513
cryogent said:
Unfortunately I don't use Microsoft Defender, I use Kaspersky free....
I blocked all Lolbins provided in FirewallHardening app and some exploit protection settings for Browsers , Excel, Word, Adobe reader.
The security i have is a combo of Kaspersky free + H_C + FirewallHardening + AdGuard Desktop + NextDNS.

And I have in testing few firewalls apps from I need to choose one, and if I find one to suit my needs I deploy on all 3 systems I have...but I'm still in testing, unfortunately firewall apps are not set an forget.
Click to expand...
Your current setup should be OK. You can also try the DocumentsAntiExploit tool (via SwitchDefeultDeny).

1698755818157.png


1698755852560.png
 
  • Like
  • Thanks
Reactions: simmerskool, cryogent and harlan4096

Similar threads

cryogent
Question User shortcut runas admin
Replies
5
Views
460
Windows 11
cryogent
cryogent
Gandalf_The_Grey
    • Like
    • +Reputation
New Update The Windows Windows App is real - replacing Remote Desktop app
Replies
2
Views
375
VM and Remote Access
cartaphilus
cartaphilus
Gandalf_The_Grey
    • Like
Security News This pregnancy app has a huge security flaw that it does not want to fix
Replies
0
Views
244
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top