I found out the hard way that nod32 can't "cut threads" from an infected file to the processor. My cousins system was infected with the "Antinny.AT" worm, and nod32 simply couldn't do anything about it. I tried booting into safe mode, and even then that worm was protecting itself against any form of removal. I would hope that nod32 3.0+ can cut a processes threads and deal with the threat. I told them it was important to secure the PC before it gets infected. This way, you don't have to worry about removing anything. Most end-users don't understand that once a PC is infected, you have a much lower chance of cleaning it. In any case, I consider this a weakness of nod32. It should be able to terminate the threads of a running malware program so that it can be removed. There isn't any reason why nod32 itself can't do this, as the cleaners that the company makes can.