Warren Software's TerminatorX

Installation and Operating Instructions

Other information at: http://www.plevna.f9.co.uk/index.htm

Details on how to purchase a site license for TerminatorX
see http://www.plevna.f9.co.uk/buy.htm

Choose the instructions to match your experience

Introduction and overview - What it does and how it works.

Step-by-step instructions - a phased approach to installation to ensure success.

Instructions for those with moderate knowledge - assumes some knowledge of login scripts and server access rights

Quick start instructions for experts - assumes good knowledge of login scripts and server access rights.

Additional peer to peer instructions - assumes you know how to share an area over your network.

Introduction

What does the download zip file contain?

What does TerminatorX do?

File sharing programs (like Kazaa etc.), chat programs, messenger programs and games can all be prohibited. TerminatorX runs on almost any Microsoft Windows workstation.

How does TerminatorX do this?

TerminatorX operates by scanning the window titles of all the applications that the users have opened on their workstation. The window titles are on the title bar at the top of each application's window. It scans these titles every few seconds and matches the window titles with a list stored in a secure place on the file server. If a match is found, TerminatorX closes the application down.

Why is TerminatorX better than other solutions?

It is loaded, during the execution of the user's login script, from a secure place on the file server. This place is an area on the file server's disk where the user is given only read and execute rights. The area can be mapped as a drive letter, or can be part of an existing mapping which has those rights.

The file containing the list of window titles chosen by the network administrator to match is located in the same secure place on the server. This ensures that the user can not alter the prohibited windows list. The user should be given no rights to modify their login script, TerminatorX's executable file or the list file. The set-up is therefore secure.

While running, TerminatorX is hidden from the task list so users can't shut it down by performing a 'Ctrl-Alt-Del' and closing it. The only way to stop it running is a reboot.

Instructions for a phased introduction to ensure success:

Step 1. Run TerminatorX locally on a single workstation and set it to detect only Windows Calculator.

• Check that you have read/write access rights to the registry and to the windows folder on the workstation.
       The trial version of TerminatorX uses these and will generate an error if reading and writing are not permitted.
• Create a folder on the local hard disk drive - call it, for example, TestTX
• Place a copy of TXtrial.exe in that folder
• Place a copy of the file msvbvm60.dll into the windows system folder

usually         c:\windows\system on WIN 95, 98, SE and ME
and             c:\winnt\system on 2000, NT and XP

• Use Windows Notepad to generate a file called xlist.txt containing the following lines:

  2 1 Calculator

(Note that this scans every 2 seconds for applications with a window title 'Calculator' and re-reads the xlist.txt file every minute)

• Save the file into the same folder (TestTX) as TXtrial.exe
• Open up 'My Computer', view the hard disk drive, open the folder (TestTX) and run TXtrial.exe
• Wait a short while....
• Start Windows Calculator by going to the Start Menu button - Programs - Accessories - Calculator.
• The calculator should disappear from the screen once TerminatorX starts its monitoring process.
• If the calculator does not disappear, check the file format and filename of xlist.txt. Please note that the entries are case sensitive.

Step 2. Run TerminatorX locally on one workstation of each operating system type (Win98, 2000, NT etc.)

• Transfer the files by floppy disk to a workstation of each type and repeat the procedure given in step 1 above.
• If TerminatorX fails to remove the calculator on a particular workstation, the read/write access permissions to the registry and windows folder may be incorrect.
• Once it is working OK, re-boot each workstation to remove TerminatorX.

Step 3. Run TerminatorX for a single user on your network

• You can use an existing user, or set up a new dummy user for test purposes
• Create a folder on the server which can be mapped as a drive in the user's login/logon script.
• Ensure that the user's access rights to that folder (and any files in it) are restricted so that they can't delete or modify files within it.
• Transfer the xlist.txt and TXtrial.exe files that you used in step 1 above into the folder that you created on the server.
• Place the file msvbvm60.dll into the windows system folder on the user's workstation.
• Check that the user has read/write access rights to the registry and to the windows folder on the workstations.
       The trial version of TerminatorX uses these and will generate an error if reading and writing are not permitted.
• Alter the user's login/logon script to
  • Map a drive letter to the file containing TXtrial.exe and xlist.txt
  • Run TXtrial.exe
  Examples might be (you will have to use the correct server and folder names):
  
  

  On an NT server network use:		NET USE X:   \\SERVER01\SECUREPART start X:\TXtrial.exe
  On a Novell Netware network use:		MAP ROOT X:=\\SERVER1:APPS\TERMX @X:\TXtrial.exe

• Log the user on, start up Windows Calculator and check that it disappears.

Step 4. Set up TerminatorX for a group of users on your network

• If TerminatorX opertates correctly for one user it should do the same for many.
• Try altering the login script for groups of users if that facility is available with your Network Operating System.
• Make sure that you place a copy of msvbvm60.dll into the windows system folder on all your workstations.

Step 5. Place a more appropriate set of window titles in xlist.txt for TerminatorX to prohibit

• Use the program Xlist Generator.exe to make an xlist.txt file - just select the applications that you want to block from the list provided.
• Set the number of seconds between checks for blocked applications, and the number of minutes between list refreshes.
• To block applications that are not in the list, run a copy of each of those applications that you want to prohibit and note down the window titles from the bar at the top of each application's window.
• Place those titles in the custom section of the Xlist generator program.
• 'Wild cards' can be used where '*' means any number of letters and '?' means any single letter. For example:

  *aZaA* would detect:

  • KaZaA - [Start]
  • KaZaA- [Traffic]
  • KaZaA- [Search]

  and would even detect and close Internet Explorer when it is viewing web pages with 'aZaA' in the title.

  There is an xlist.txt included in the TX-Trial.zip file that you can download which stops KaZaA, Morpheus, iMesh, MSN messenger, AOL Instant Messenger and Yahoo Messenger.

Step 6. Different groups or types of users could be given appropriate xlist.txt files.

In an educational establishment you may want to ban MSN messenger for the students but leave it available for the teachers. Using this as an example:

• Set up different folders on the file server for staff and students.
• Place copies of TXtrial.exe and xlist.txt in each folder.
• Alter the list of prohibited applications within each xlist.txt file so that they are appropriate to each group.
• Alter the login scripts of the staff and students to map the drive letter to the appropriate folder.

Installation instructions for those with moderate knowledge

If you have a peer-to-peer network you should also see these extra instructions.

To install TerminatorX on a client-server network you will need to be a network administrator with full access rights to the file server. You need these rights so that you can create a secure area on the file server and restrict the users' rights to that area. You will also need to be able to add a line to users' login scripts to set TerminatorX running on the users' workstations.

TerminatorX's file is fairly small (TXtrial.exe is 40KB) but it needs to have Visual BASIC 6's run time library 'Msvbvm60.dll' (1.3MB) available. The run-time library is contained in the download zip file.

The TXtrial.exe file should be sited on the file server and placed in a drive and directory (folder) that the users can run application programs from, but to which they do not have write, modify or delete access permissions. This is merely to stop them tampering with the files.

The only other file needed is a data file called 'Xlist.txt' which is plain text. Use the program Xlist generator.exe, included in the zip file you downloaded, to generate an Xlist.txt file to block the applications that you want to prevent. This file should be stored in the same secure drive and directory as TXtrial.exe.

The TXtrial.exe program should be run on each workstation as part of the users login (or logon) script.

Check that the user has read/write access rights to the registry and to the windows folder on the workstations.
     The trial version uses these and will generate an error if reading and writing are not permitted.

On an NT Server network typical lines might look like:

NET USE X:   \\SERVER01\SECUREPART
START X:\TXtrial.exe

and on a Novell Netware network:

MAP ROOT X:=\\SERVER1:APPS\TERMX
@X:\TXtrial.exe

As mentioned before, the program is hidden from the task list so that users can't shut it down by performing a 'Ctrl-Alt-Del' and closing it. The only way to stop it running is a reboot.

Use Xlist generator.exe to select which programs are prohibited. For any programs not listed in the generator, you will need to run each of the programs to ban, note their window titles and place an entry for each in the Custom section (one per line) of Xlist generator. See Xlist generator's help screens for a fuller explanation. TerminatorX then uses the titles stored in the xlist.txt file to scan with and match against the users open applications, and to close the banned applications down.

Scans happen at an interval determined by an entry in the Xlist.txt file. The program re-reads the Xlist.txt file at intervals given by another entry in the Xlist.txt file, allowing you to rapidly update the set of programs to be prohibited for all users whose login script runs TerminatorX.

Different sets of prohibited applications may be provided for each user or groups of users by mapping different areas on the server to the same drive letter and storing different versions of Xlist.txt in those areas.

In an educational establishment, for example, staff might be permitted to use MSN Messenger whereas students might not.

The following is an explanation of the structure of the xlist.txt data file. This is given for reference only as you can generate the data file using the Xlist generator application included in the zip file.

A typical Xlist.txt file might be:-

    2
    1
    *aZaA*
    *Morpheus*
    MSN Messenger
    MSN Chat
    *Windows Messenger*
    *Buddy List Window*
    *Yahoo! Messenger*
    *BearShare*
    *LimeWire*

There is an xlist.txt included in the TX-Trial.zip file that you can download to block Kazaa, MSN messenger, AOL Instant Messenger and Yahoo Messenger

There could be many more entries for particular games, chat and other programs - it's up to you which applications you want to prohibit. The order of window title entries is not important.

The first line in the file is the number of seconds between successive scans looking through the user's windows titles for prohibited programs. Values between 1 and 60 seconds are allowed. In the case above the program will look every 2 seconds. On slow computers, with very long lists (100 entries or more) you may want to increase the interval.

The second line is the interval in minutes between each refresh of the list of window titles that TerminatorX is to match. In the case above the program will re-read the Xlist.txt file (and therefore update the prohibited window list) once every minute. Values between 1 and 60 minutes are allowed.

The subsequent lines are the titles of windows which, if open on a workstation will result in that application being terminated. In the example shown above, Kazaa, Morpheus, MSN Messenger, MSN Chat, AOL Instant Messenger, Yahoo! Messenger, Bearshare and Limewire will be shut down.

Wild card entries are allowed e.g. *aZaA* will look for every window title with aZaA as part of it. This will mean that if a user views the Kazaa download site in a browser, the browser will be shut down. Currently the entries are case sensitive, i.e. *azaa* is not the same as *aZaA*. Blank lines are ignored. Spaces are stripped from each end of lines.

To block further (and future) applications you merely have to run the offending applications yourselves, note the window titles and include them in the Xlist.txt file. You can alternatively place these the custom section of the Xlist generator application included in the zip file

The file 'Msvbvm60.dll' should be stored in the system folder on each of the workstations:

    C:\WINDOWS\SYSTEM\  on a windows 9X workstation

    C:\WINNT\SYSTEM\ on an NT or XP workstation.

Msvbvm60.dll can also be placed in the secure directory where TXtrial.exe is located.

You may want to try TerminatorX out on one or two areas or workstations first to ensure that it operates correctly in your environment. Please remember that TerminatorX is not visible while running. Re-boot to stop TerminatorX running, before changing settings etc.

As a quick test, try putting Calculator as one of the window title entries and check that Windows Calculator is closed shortly after it is run.

Note that although TerminatorX does not appear in the task list in task manager, it does appear in the processes list. For solutions to this problem see http://www.plevna.f9.co.uk/problems.htm

Back to top

Quick start instructions for experts

If you have a peer-to-peer network you should also see these extra instructions.

Block Kazaa - quick start instructions for experts

• Shared folders on network servers
• Restricting user access rights to those folders
• Creating/editing user logon/login scripts.

If this is not the case, please see the  please see the step by step instructions.

1. Run the Xlist generator.exe program and select the programs that you want to block. Also set the time (seconds) between scans for prohibited programs and the number of minutes between re-reads of the prohibited list. Create the Xlist.txt file. See the Xlist generator help screens to find out how to block programs that are not in Xlist generator's list

2. Create a restricted folder (having no write, delete or modify rights for your users) on your server. I'll use the example 'TermX' for the folder name.

3. Place the txtrial.exe and xlist.txt files in the TermX folder. Place the msvbvm60.dll file in each user's windows system folder.

4. Edit the users logon (or login) script to run txtrial.exe when they log on to the network:

   On an NT Server network typical lines might look like:

          NET USE X:   \\SERVER01\TermX
          START X:\TXtrial.exe

   and on a Novell Netware network:
   
          MAP ROOT X:=\\SERVER1:APPS\TermX
          @X:\TXtrial.exe

5. Check that the programs you selected in Xlist generator are shut down when one of your users (having logged on to the network) tries to run them.

Please note that as part of the protection (30 day trial period validation), the trial version writes to the registry and to the windows folder on the user's workstation. When testing the trial version you will need to allow the user sufficient rights to permit this on the workstation otherwise an error will occur. These rights are not necessary when using the full product.

Using TerminatorX on a Peer-to-peer network

    c:\XXXXXX\txtrial.exe

    where XXXXXX is your system folder path

If you want better security and easier updating of the prohibited applications list, follow the following method:

This method of setting up TerminatorX on workstations arranged on a peer-to-peer network configuration requires:

• Changes to each workstation registry
• Shared folders on network servers
• Restricting user access rights to those folders

1. If you have not already done so, download the TX-Trial.zip file and the additional file for peer-to-peer networking called peernet.exe Un-zip the zip file using winzip or another similar program
    
2. Run the Xlist generator.exe program and select the programs that you want to block. Also set the time (seconds) between scans for prohibited programs and the number of minutes between re-reads of the prohibited list. Create the Xlist.txt file.

3. Choose one of the workstations on your peer-to-peer network to be a 'server'. Any computer on the network will do but you might want to choose one that is not available to general users (e.g. a network admin computer). View the network name (see how to do this below) of the workstation chosen as server - we will call ours staff for the rest of these instructions.
   
   In Windows XP, to view the network name, right-click on My Computer and choose properties, click on the 'Computer name' tab and look at the 'Full computer name'. To set or change it click on the 'Change' button.
   
   In WIN98, right-click on Network Neighborhood and choose properties, click on the 'Identification' tab and look at the 'Computer name'.
    

4. On your 'server' computer (network name 'staff') make a new folder. Call it for example termx. We will assume the name termx for the rest of these instructions.
    
5. Right click on the folder and look at the folder properties. Look at the sharing tab and share the folder without write access (de-select the 'Allow network users to change my files'.)

   Take the TXtrial.exe program and the xlist.txt file and put them in the folder.

   =============== That's it for the 'staff' computer ========================
    

6. On each workstation:

   Put the peernet.exe somewhere out of the way on the user's main drive. Let's say in C:\others\
   You can bury it as deeply as you like. You can also re-name it as long as you use the changed name anywhere that 'peernet.exe' appears below.
    

7. Run Regedit (Start menu, Run and type Regedit.exe) and locate

           HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

   Create a new string value (for example called runterm) and then modify its contents to be:

           c:\others\peernet.exe     \\staff\termx\txtrial.exe

   Try to avoid spaces in the paths and then you won't need any quotation marks. Remember to substitute the names you have chosen instead of 'others', 'staff' and 'termx'.
    

8. Make sure that there is a copy of msvbvm60.dll in the system folder of the workstation.
    
9. Try re-booting the workstation and check that Kazaa or other programs you have included windows for in the xlixt.txt file are removed whenever they are started up on the workstation.  Note that there might be a delay before shared drives become available (up to a minute). But after that time, TerminatorX should remove any programs that you have window title entries for in xlist.txt.

Lastly repeat stages 6 to 9 on each workstation on the network

Please note that as part of the protection (30 day trial period validation), the trial version writes to the registry and to the windows folder on the user's workstation. When testing the trial version you will need to allow the user sufficient rights to permit this on the workstation otherwise an error will occur. These rights are not necessary when using the full product.