HOW TO: Quick guide how to block students running EXE`s from Zipped files
1) Create a new Group policy in the computer group.
2) Edit the policy and goto: Computer Config/Secuirty Settings/Software Restriction Policies,
3) right click and select "create new policy"
4) Leave everything default and click "Additional Rules"
5) enter: C:\Documents and Settings\%username%\Local Settings as a new rule with "Disallowed" as the security level.
Gpupdate force and your done :)
make sure that you leave the "unrestricted" as default in "security levels" or you will be blocking a whole load of stuff !
If there is anything i have overlooked please let me know..
Just also found out that kids are hiding files in the "shadow copies" not sure if these files would show up when scanning for a file type.