Advice Request Roblox Player desktop app not want to work without admin

Please provide comments and solutions that are helpful to the author of this topic.

cryogent

Level 7
Thread author
Verified
Well-known
Oct 1, 2016
310
Hi,
i made some changes in H_C app and now i encounter a problem with Roblox player on standard account. Application is unable to start without admin psw because want to update before running.

I looked to see what's the error (EventID 865) and is because is trying to run the update from the Temp folder in C:\Users\USER NAME\Appdata\Local and is blocked from running by SRP
(when I was making the changes I was aware that some possible errors will occur) .

Trying to run the update from that location and because with each update the name of the Roblox folder created there changes its name each time i cannot use a "Whitelist By Path" exclusion in H_C.

How can I get it to run without needing the admin password each time and still have the same settings in H_C?

Maybe trigger a silent update through Task scheduler...but I do not know how to do it...

Changing the setting for "Update Mode" in "More SRP" from MSI to ON not lowering my security setup made in H_C?

L.E. - Roblox player is the one from roblox website not from Microsoft store.
 

Attachments

  • H_C settings.png
    H_C settings.png
    27.6 KB · Views: 99
  • Roblox error.png
    Roblox error.png
    10.4 KB · Views: 120
Last edited:
  • Like
Reactions: vtqhtr413

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,226
The setting < Update Mode > = MSI is mostly used with the H_C setting profile "Windows_10_Avast_Hardened_Mode_Aggressive". In this profile, the EXE files are globally allowed by H_C and protected by Avast Hardened Mode. When using that setting profile, Roblox player will auto-update without a problem.

If the user installed another AV, then the best option is to apply H_C Recommended Settings, where the < Update Mode > is set to ON. The security considerations related to this setting can be found in the Update Mode help:


1698594990731.png


If the user wants to keep < Update Mode > = MSI without whitelisting *.exe files, then the updates must be done manually when the SRP is temporarily switched OFF.
 
Last edited:

cryogent

Level 7
Thread author
Verified
Well-known
Oct 1, 2016
310
user wants to keep < Update Mode > = MSI without whitelisting *.exe files, then the updates must be done manually when the SRP is temporarily switched OFF.
I already read it the manual and the explanation of "Update mode" but the pc standard user is used by my daughter and I don't want to lower the security by allowing all exe in temp folder for a single game/app.... I know I'm a bit paranoid...or I didn't understand correctly

You can create an allow exception by creating file path that uses wildcard (*).

Code:
C:\Users\<user>\AppData\Local\Temp\RBX-*\RobloxPlayerLauncher.exe
Thanks, if the method I made today will not work I will try the wildcard path and see if it works although I've tried once before without success, it's a bit different from what I was using then.

FYI - I the meantime I find out that Roblox installer has two mode of installation with two different paths of destination.
If you install with "Run as administrator" command the destination is in "Program files" folder and if you install as Standard user the destination is in "Appdata\Local" folder.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,226
Code:
C:\Users\<user>\AppData\Local\Temp\RBX-*\RobloxPlayerLauncher.exe

Yes. This more advanced method can work in many cases if the part of the updater folder has a fixed form. Sometimes the asterisk can be replaced by a sequence of question marks. For example, if the folder is "RBX-3246", then the rule can look like:
C:\Users\<user>\AppData\Local\Temp\RBX-????\RobloxPlayerLauncher.exe
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,226
Thanks, if the method I made today will not work I will try the wildcard path and see if it works although I've tried once before without success, it's a bit different from what I was using then.
Did you use the < Add Path*Wildcards > for whitelisting (do not use quotation marks when writing the path)?

FYI - I the meantime I find out that Roblox installer has two mode of installation with two different paths of destination.
If you install with "Run as administrator" command the destination is in "Program files" folder and if you install as Standard user the destination is in "Appdata\Local" folder.

In both methods, the update process will probably be done via ..\AppData\Local\Temp. But, when installing with Admin rights, the installation path will be safer and already whitelisted.

If the previous method will not work, then you can try more general rule:
C:\Users\<user>\AppData\Local\Temp\RBX-*
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,226
Yes, both.

What AV do you use? If you installed Microsoft Defender + ConfigureDefender High Protection Level, then it is perfect.
I noticed that you block some LOLBins. That can be also a sufficient protection against weaponized documents, when scripting engines are blocked.
 

cryogent

Level 7
Thread author
Verified
Well-known
Oct 1, 2016
310
Unfortunately I don't use Microsoft Defender, I use Kaspersky free....
I blocked all Lolbins provided in FirewallHardening app and some exploit protection settings for Browsers , Excel, Word, Adobe reader.
The security i have is a combo of Kaspersky free + H_C + FirewallHardening + AdGuard Desktop + NextDNS.

And I have in testing few firewalls apps from I need to choose one, and if I find one to suit my needs I deploy on all 3 systems I have...but I'm still in testing, unfortunately firewall apps are not set an forget.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,226
Unfortunately I don't use Microsoft Defender, I use Kaspersky free....
I blocked all Lolbins provided in FirewallHardening app and some exploit protection settings for Browsers , Excel, Word, Adobe reader.
The security i have is a combo of Kaspersky free + H_C + FirewallHardening + AdGuard Desktop + NextDNS.

And I have in testing few firewalls apps from I need to choose one, and if I find one to suit my needs I deploy on all 3 systems I have...but I'm still in testing, unfortunately firewall apps are not set an forget.
Your current setup should be OK. You can also try the DocumentsAntiExploit tool (via SwitchDefeultDeny).

1698755818157.png


1698755852560.png
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top