These articles should help you on your way:
http://www.symantec.com/docs/TECH163673
http://www.symantec.com/docs/TECH96766
These will help you block processes that may not be known by Symantec yet (i.e. no signatures exist for them). Obviously, if it is a known malicious file, then make sure you have the latest defs and/or grab the rapid release defs.