+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
Windows 7 Thread, Stop Students Embedding .exe in Powerpoint in Technical; Hi All, We are being plagued at the moment with students playing Minecraft in lessons. We have blocked the .exe ...
  1. #1
    ALR
    ALR is offline

    Join Date
    Oct 2011
    Location
    Sheffield
    Posts
    31
    Thank Post
    3
    Thanked 2 Times in 2 Posts
    Rep Power
    6

    Angry Stop Students Embedding .exe in Powerpoint

    Hi All,

    We are being plagued at the moment with students playing Minecraft in lessons. We have blocked the .exe from running and have denied any student saving a .exe on their home folders. The little darlings are now embedding the .exe into a Powerpoint presentation then running it from there and it is working. Does anyone know how to block .exes running from within Powerpoint? I've done a Google around and have searched forums but have found nothing that would suit.

    We are running Windows 7 32-bit on clients, Office 2010 and our domain is Server 2008 R2.

    Any help or ideas would be greatly appreciated.

    Thank you.
    Al

  2. #2

    Join Date
    Dec 2008
    Location
    Nottingham
    Posts
    572
    Thank Post
    38
    Thanked 114 Times in 104 Posts
    Rep Power
    46
    The exe surely runs from some temporary location - could you track this (experiment yourself and use taskmgr command line to see where exe is running from) and block the temp location running?

  3. #3
    ALR
    ALR is offline

    Join Date
    Oct 2011
    Location
    Sheffield
    Posts
    31
    Thank Post
    3
    Thanked 2 Times in 2 Posts
    Rep Power
    6
    When we look into the Powerpoint file, the exe file location point to the temporary AppData on the local profile of one of our student users. The location just says C:\Users\09Username\AppData\Local\Temp\Filename.ex e but the file does not exist on the PC I am testing on so it must be getting the source from the local profile of another PC somewhere on the network. The thing I do not understand is all our Student accounts have mandatory profiles.

  4. #4

    Join Date
    Dec 2008
    Location
    Nottingham
    Posts
    572
    Thank Post
    38
    Thanked 114 Times in 104 Posts
    Rep Power
    46
    When you are testing and run the file, does it run? If so, check the temp folder in appdata on the user you're testing with. If this is the case, I'd put a software restriction in place for c:\users\*\appdata\local\temp\*.exe (which I think is one we have in place here)

    Cheers

    Will

  5. 2 Thanks to Willott:

    ALR (24th May 2013), timbo343 (29th May 2013)

  6. #5

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    14
    use process monitor to track exactly where and what with the exe file

  7. #6

    Join Date
    Jan 2009
    Posts
    104
    Thank Post
    6
    Thanked 27 Times in 24 Posts
    Rep Power
    21
    However annoying it is, you have to give them some credit for finding a way around the restrictions! Now you just got to find a way of nailing the little b%^&....

  8. #7
    ALR
    ALR is offline

    Join Date
    Oct 2011
    Location
    Sheffield
    Posts
    31
    Thank Post
    3
    Thanked 2 Times in 2 Posts
    Rep Power
    6
    Thanks for all the responses guys. We found that the exe was a repackaged exe with a different hash so our GPO blocking the file didn't pick it up. We have added the new exe hash now. Yes you have to give them credit. Some of them are very enterprising little gifts from God! We'll just have to keep our eyes on what they are bringing in....

    Cheers chaps!

    Al

  9. #8
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,285
    Thank Post
    110
    Thanked 86 Times in 58 Posts
    Rep Power
    28
    One of the reasons we use software restriction policies and whitelists - bit of pain to initially set up but once done work very well at stopping random rubbish being run.

  10. #9

    Join Date
    Feb 2007
    Location
    Wolverhampton
    Posts
    325
    Thank Post
    18
    Thanked 35 Times in 33 Posts
    Rep Power
    20
    Quote Originally Posted by Sheridan View Post
    One of the reasons we use software restriction policies and whitelists - bit of pain to initially set up but once done work very well at stopping random rubbish being run.
    Just enforce applocker

  11. #10
    ricki's Avatar
    Join Date
    Jul 2005
    Location
    uk
    Posts
    1,475
    Thank Post
    20
    Thanked 164 Times in 157 Posts
    Rep Power
    52
    Hi

    I dont think you can stop them embedding the exe but what you can do is.

    Stop them seeing the c drive.
    Stop them downloading exe with your proxy
    Stop them running exe files from there area and usb storage devices.
    Stop them running exe file in any shared area for students

    Its not perfect but they will find it hard.

    Using Group Policy Objects to hide specified drives

    How Software Restriction Policies Work: Group Policy we use path rules

    dansguardian default list: mimetype and extention this is how danguardian does it but might give you some ideas.

    Richard
    Last edited by ricki; 25th May 2013 at 07:31 AM.

  12. #11
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    789
    Thank Post
    79
    Thanked 129 Times in 112 Posts
    Blog Entries
    8
    Rep Power
    31
    I think you guys are going about this the wrong way. You're looking for technical solutions to something that is ultimately a disciplinary issue. You can eventually reach a point where you can box them in to where they can't do these sorts of things, but management becomes a pain and the functionality of the machines is hampered. Start out with handing lunch detentions out like candy and move on from there if the problem persists.

  13. #12

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,118
    Thank Post
    215
    Thanked 1,236 Times in 784 Posts
    Blog Entries
    4
    Rep Power
    502
    Quote Originally Posted by Duke5A View Post
    I think you guys are going about this the wrong way. You're looking for technical solutions to something that is ultimately a disciplinary issue. You can eventually reach a point where you can box them in to where they can't do these sorts of things, but management becomes a pain and the functionality of the machines is hampered. Start out with handing lunch detentions out like candy and move on from there if the problem persists.
    This is true enough - however it needs major buy in from the SLT and proper policies in place.

    I know many schools have a hard time achieving this, so being able to lock things down whilst trying to change attitudes to a sensible way of thinking is a good middle ground. Also stops screaming staff members

  14. #13

    Join Date
    Apr 2007
    Location
    Cornwall
    Posts
    248
    Thank Post
    16
    Thanked 61 Times in 39 Posts
    Rep Power
    25
    Quote Originally Posted by Domino View Post
    This is true enough - however it needs major buy in from the SLT and proper policies in place.

    I know many schools have a hard time achieving this, so being able to lock things down whilst trying to change attitudes to a sensible way of thinking is a good middle ground. Also stops screaming staff members
    Agreed. Here it would be - why does the computer allow them to do this. Please fix.

    Meldrew

  15. #14
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    789
    Thank Post
    79
    Thanked 129 Times in 112 Posts
    Blog Entries
    8
    Rep Power
    31
    Quote Originally Posted by Domino View Post
    This is true enough - however it needs major buy in from the SLT and proper policies in place.

    I know many schools have a hard time achieving this, so being able to lock things down whilst trying to change attitudes to a sensible way of thinking is a good middle ground. Also stops screaming staff members
    Yeah, I'll most certainly agree with this. Sometimes the overly complicated technical solution is in fact the easier approach than having to deal with humans.

  16. #15
    Fazza's Avatar
    Join Date
    Jun 2012
    Location
    England
    Posts
    197
    Thank Post
    4
    Thanked 19 Times in 18 Posts
    Rep Power
    8
    The little rascals!

    You could always look in to using AppLocker in a Group Policy (in a GPO it's listed as Application Control Policies). There's a bit of work to do but that will most probably solve the issue for you.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. MRBS - Stopping students from logging in and making bookings?
    By Sam_Brown in forum Network and Classroom Management
    Replies: 8
    Last Post: 18th May 2011, 10:13 AM
  2. Replies: 0
    Last Post: 13th May 2010, 04:01 PM
  3. Embedding video in Powerpoint 2003
    By BatchFile in forum How do you do....it?
    Replies: 8
    Last Post: 27th April 2010, 10:29 AM
  4. Replies: 14
    Last Post: 11th March 2008, 01:54 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •