If the schools were smart, they'd have Deep Freeze installed on all PCs. Mine eventually started doing that. Also, you can't inject DOC files. There are CVEs that generate MS Office 2007 macros that remotely download payloads, but these really only work in countries where governments supply OS updates. Also, using php-sendmail to spoof a domain without DKIM keys (most schools don't use these) is a smarter idea than Sigaint. As far as a keylogger goes, I wouldn't rely on that as they can be incredibly insecure. Using a stealer like Pony is much more efficient and secure.