I have always liked the ability to select multiple categories so that you can, for instance, detect 'potentially unwanted applications' like cracktools , network sniffers, Remote administration tools, ... I find it useful that Remote Administrator gets detected if a specific category is enabled. Will PrevX implement category based detection in the not so distant future or is this unlikely to ever happen? But then Joe got me thinking on something he said: I'm not good at thinking up scenario's but here goes: Alice gets infected by a nasty piece of malware M. She doesn't know this, but it isn't detected yet by any vendor. She takes an image of her computer after cleaning it up or something. PrevX cleans this nasty a few hours later and no harm done (hopefully). 1,5 years later she restores her image because the PC crashed but detection for that piece of malware may be removed from PrevX? Is that what you are saying Joe? The reason for its removal was simple: it died off in the wild . . . This would kind of explain why there are no categories. You'd never know what was in them at any given time.