Read the audit report and google the names of the auditors: http://www1.prevx.com/PrevxHomeAudit.pdf (this gives very explicit detail of what is collected and what is not) And finally on their mission statement: I know that a lot of people have reservations about data being sent from your computer, but this can't ALWAYS be a bad thing. Where do we draw the line? Having a more than average interest in scientific information (psychology and cognitive studies in particular), I've had to learn how to sort out garbage data from real scientific study. No, I am by NO means an expert, but there are skeptic resources out there that can help tremendously, that apply to any kind of scientific data being presented. A couple of the things you generally look for are attention to detail (ie if they "don't have time" to make sure the details are straight, their tests are meaningless), lack of emotive/marketing speak, and sources you can verify. The info provided by Prevx seems to fit both of these catagories. They've taken the route of practicing full disclosure of their intent, the data they do and do not collect, and they offer you a strong product and service in return. They've labeled this info as "important" for you to read, and put it right there with the download links instead of using obscure language that's buried in EULAs and such. The final point that strikes me is that they are marketing to large enterprises and ISPs (parnering with Sun, IBM, and Microsoft), not the small obscure ones that need the underhanded kind of sleazy tactics offered by such things as spyware. One of the reasons I'm bringing this up is that I am seeing more of this coming out, and I think the overall subject deserves some consideration. Pivx (the makers of Qwik-Fix) is also selling a similar kind of service of detailing current threats. I think this is going to be an important part of how the industry is going to curb the ever growing threats, and we are going to have to ask ourselves where we are going to draw the line. On one hand we don't want to give up privacy, but on the other we don't want to get swept away by paranoia to the degree that it becomes counter productive. I personally see nothing at all to raise any red-flags regarding Prevx, and actually commend them for presenting it the way they have. What do you guys think? Not just about Prevx, but this whole concept and other companies that are compiling statistics for the pros to use? What about AV companies that send home statistics of what virus/trojan/worm you have encountered?