You can create a software restriction policy which can stop short cuts being run from the desktop, but it doesnt stop them being created on the desktop.
What happens is the short cut is created and looks fine, but when they try to run it they get a message saying this has been disabled. The way this works is in the "User config\windows settings\software restrictions policies\Additional rules\" you need to add a rule type in the full path for the files which are to be disabled wild cards work i.e * or ?. Then in the Security level option select the Disallowed option.
So if your path had C:\Documents and Settings\*\Desktop then any short cut on a desktop or new onces created will not run. If you just want to restrict the one file then add that file name to the path. The reason I put a * in the path is due to the user name changing for each user who logs on. So again if this policy is set up as per above with a security group and permissions set for the group only, then only the user accounts in the group will be affected.
This does not stop new short cuts being created.... Only stops them running the short cuts from the desktop. The only way I have found to stop new short cuts being created is to change the permissions of the desktop to read and execute this allows the users to run the shortcut files but not add new ones. This can be done with a log script if running with local profiles, or running a script to change the file permissions on the home area, desktop folder assuming you have roaming profiles.
More info on mandatory user profile is have
http://technet2.microsoft.com/windowsserver/en/library/3bd7900c-6145-461d-89f2-c12a8c6dd7301033.mspx?mfr=true
As for a scirpt this will be hunt in internet for some thing similar and then tweak it to suit. Hope this is not too much info and good luck