An event report, such as a
virus detection event, is sent from a reporting computer 2 to a receiving computer 6 via an internet link 4. The report data may take the form of a URL requesting a
web page 28 to be provided by the receiving computer 6, the URL bearing an encrypted form 24 of the report data that is used to identify the requested
web page as well as pass further information to the receiving computer 6. Alternatively, the report data may be collated in the reporting computer 2 and passed to the receiving computer 6 when a
computer virus definition data update is requested. The report data seeks to uniquely identify the event by incorporating the
MAC address of the reporting computer 2, the date, time, computer
product identifier,
version identifier, update identifier and driver triggered. Additionally, a
checksum derived from the infected file together with an indication of the corrective action, if any, taken by the reporting computer 2 may be included. The report data sent to the receiving computer 6 may be used to obtain real life information concerning the
prevalence of particular viruses together with information characterising the anti-
virus programs and their update status being employed by the user
community.