+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Windows 7 Thread, Stop Students Embedding .exe in Powerpoint in Technical; Hi All, We are being plagued at the moment with students playing Minecraft in lessons. We have blocked the .exe ...
  1. #1
    ALR
    ALR is offline

    Join Date
    Oct 2011
    Location
    Sheffield
    Posts
    31
    Thank Post
    3
    Thanked 2 Times in 2 Posts
    Rep Power
    7

    Angry Stop Students Embedding .exe in Powerpoint

    Hi All,

    We are being plagued at the moment with students playing Minecraft in lessons. We have blocked the .exe from running and have denied any student saving a .exe on their home folders. The little darlings are now embedding the .exe into a Powerpoint presentation then running it from there and it is working. Does anyone know how to block .exes running from within Powerpoint? I've done a Google around and have searched forums but have found nothing that would suit.

    We are running Windows 7 32-bit on clients, Office 2010 and our domain is Server 2008 R2.

    Any help or ideas would be greatly appreciated.

    Thank you.
    Al

  2. #2

    Join Date
    Dec 2008
    Location
    Nottingham
    Posts
    575
    Thank Post
    38
    Thanked 115 Times in 105 Posts
    Rep Power
    47
    The exe surely runs from some temporary location - could you track this (experiment yourself and use taskmgr command line to see where exe is running from) and block the temp location running?

  3. #3
    ALR
    ALR is offline

    Join Date
    Oct 2011
    Location
    Sheffield
    Posts
    31
    Thank Post
    3
    Thanked 2 Times in 2 Posts
    Rep Power
    7
    When we look into the Powerpoint file, the exe file location point to the temporary AppData on the local profile of one of our student users. The location just says C:\Users\09Username\AppData\Local\Temp\Filename.ex e but the file does not exist on the PC I am testing on so it must be getting the source from the local profile of another PC somewhere on the network. The thing I do not understand is all our Student accounts have mandatory profiles.

  4. #4

    Join Date
    Dec 2008
    Location
    Nottingham
    Posts
    575
    Thank Post
    38
    Thanked 115 Times in 105 Posts
    Rep Power
    47
    When you are testing and run the file, does it run? If so, check the temp folder in appdata on the user you're testing with. If this is the case, I'd put a software restriction in place for c:\users\*\appdata\local\temp\*.exe (which I think is one we have in place here)

    Cheers

    Will

  5. 2 Thanks to Willott:

    ALR (24th May 2013), timbo343 (29th May 2013)

  6. #5

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    15
    use process monitor to track exactly where and what with the exe file

  7. #6

    Join Date
    Jan 2009
    Posts
    104
    Thank Post
    6
    Thanked 27 Times in 24 Posts
    Rep Power
    22
    However annoying it is, you have to give them some credit for finding a way around the restrictions! Now you just got to find a way of nailing the little b%^&....

  8. #7
    ALR
    ALR is offline

    Join Date
    Oct 2011
    Location
    Sheffield
    Posts
    31
    Thank Post
    3
    Thanked 2 Times in 2 Posts
    Rep Power
    7
    Thanks for all the responses guys. We found that the exe was a repackaged exe with a different hash so our GPO blocking the file didn't pick it up. We have added the new exe hash now. Yes you have to give them credit. Some of them are very enterprising little gifts from God! We'll just have to keep our eyes on what they are bringing in....

    Cheers chaps!

    Al

  9. #8
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,437
    Thank Post
    130
    Thanked 109 Times in 73 Posts
    Rep Power
    33
    One of the reasons we use software restriction policies and whitelists - bit of pain to initially set up but once done work very well at stopping random rubbish being run.

  10. #9

    Join Date
    Feb 2007
    Location
    Wolverhampton
    Posts
    331
    Thank Post
    18
    Thanked 35 Times in 33 Posts
    Rep Power
    21
    Quote Originally Posted by Sheridan View Post
    One of the reasons we use software restriction policies and whitelists - bit of pain to initially set up but once done work very well at stopping random rubbish being run.
    Just enforce applocker

  11. #10
    ricki's Avatar
    Join Date
    Jul 2005
    Location
    uk
    Posts
    1,477
    Thank Post
    20
    Thanked 164 Times in 157 Posts
    Rep Power
    53
    Hi

    I dont think you can stop them embedding the exe but what you can do is.

    Stop them seeing the c drive.
    Stop them downloading exe with your proxy
    Stop them running exe files from there area and usb storage devices.
    Stop them running exe file in any shared area for students

    Its not perfect but they will find it hard.

    Using Group Policy Objects to hide specified drives

    How Software Restriction Policies Work: Group Policy we use path rules

    dansguardian default list: mimetype and extention this is how danguardian does it but might give you some ideas.

    Richard
    Last edited by ricki; 25th May 2013 at 08:31 AM.

  12. #11
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    859
    Thank Post
    88
    Thanked 154 Times in 124 Posts
    Blog Entries
    8
    Rep Power
    36
    I think you guys are going about this the wrong way. You're looking for technical solutions to something that is ultimately a disciplinary issue. You can eventually reach a point where you can box them in to where they can't do these sorts of things, but management becomes a pain and the functionality of the machines is hampered. Start out with handing lunch detentions out like candy and move on from there if the problem persists.

  13. #12

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,126
    Thank Post
    217
    Thanked 1,353 Times in 826 Posts
    Blog Entries
    4
    Rep Power
    528
    Quote Originally Posted by Duke5A View Post
    I think you guys are going about this the wrong way. You're looking for technical solutions to something that is ultimately a disciplinary issue. You can eventually reach a point where you can box them in to where they can't do these sorts of things, but management becomes a pain and the functionality of the machines is hampered. Start out with handing lunch detentions out like candy and move on from there if the problem persists.
    This is true enough - however it needs major buy in from the SLT and proper policies in place.

    I know many schools have a hard time achieving this, so being able to lock things down whilst trying to change attitudes to a sensible way of thinking is a good middle ground. Also stops screaming staff members

  14. #13

    Join Date
    Apr 2007
    Location
    Cornwall
    Posts
    347
    Thank Post
    22
    Thanked 96 Times in 67 Posts
    Rep Power
    40
    Quote Originally Posted by Domino View Post
    This is true enough - however it needs major buy in from the SLT and proper policies in place.

    I know many schools have a hard time achieving this, so being able to lock things down whilst trying to change attitudes to a sensible way of thinking is a good middle ground. Also stops screaming staff members
    Agreed. Here it would be - why does the computer allow them to do this. Please fix.

    Meldrew

  15. #14
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    859
    Thank Post
    88
    Thanked 154 Times in 124 Posts
    Blog Entries
    8
    Rep Power
    36
    Quote Originally Posted by Domino View Post
    This is true enough - however it needs major buy in from the SLT and proper policies in place.

    I know many schools have a hard time achieving this, so being able to lock things down whilst trying to change attitudes to a sensible way of thinking is a good middle ground. Also stops screaming staff members
    Yeah, I'll most certainly agree with this. Sometimes the overly complicated technical solution is in fact the easier approach than having to deal with humans.

  16. #15
    Fazza's Avatar
    Join Date
    Jun 2012
    Location
    England
    Posts
    222
    Thank Post
    6
    Thanked 29 Times in 26 Posts
    Rep Power
    10
    The little rascals!

    You could always look in to using AppLocker in a Group Policy (in a GPO it's listed as Application Control Policies). There's a bit of work to do but that will most probably solve the issue for you.



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. MRBS - Stopping students from logging in and making bookings?
    By Sam_Brown in forum Network and Classroom Management
    Replies: 8
    Last Post: 18th May 2011, 11:13 AM
  2. Replies: 0
    Last Post: 13th May 2010, 05:01 PM
  3. Embedding video in Powerpoint 2003
    By BatchFile in forum How do you do....it?
    Replies: 8
    Last Post: 27th April 2010, 11:29 AM
  4. Replies: 14
    Last Post: 11th March 2008, 02:54 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •