Hello,
You could block an application via Application Control OR via System Lockdown.
For Application Control, check these Articles:
About best practices for creating application control rules
http://www.symantec.com/docs/HOWTO55145
How to configure Application Control in Symantec Endpoint Protection 11.0 : Configuring Application Control Policies
http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/7049d06ba3c9e86f802573620054d9c2?OpenDocument
How to use Symantec Endpoint Protection to block or log legitimate but unauthorized software usage
http://www.symantec.com/docs/TECH97618
and
For System Lockdown, please check these Articles:
Configuring system lockdown
http://www.symantec.com/business/support/index?page=content&id=HOWTO55130
About system lockdown
http://www.symantec.com/business/support/index?page=content&id=HOWTO27322
Managing file fingerprint lists
http://www.symantec.com/business/support/index?page=content&id=HOWTO55133
Running system lockdown in test mode
http://www.symantec.com/business/support/index?page=content&id=HOWTO55131
Enabling system lockdown to block unapproved applications
http://www.symantec.com/business/support/index?page=content&id=HOWTO55132
Check this thread: http://www.symantec.com/connect/forums/system-lockdownis-it-working
Monitoring the applications and services that run on client computers
http://www.symantec.com/docs/HOWTO55218
You can use a query tool to search for the list of applications that the client computers run. You can search on application-based criteria or computer-based criteria. For example, you can find out the version of Internet Explorer that each client computer uses.
See Searching for information about the applications that the computers run.
You can save the results of an application search for review.
See Saving the results of an application search.
Hope that helps!!