Conventional antivirus programs search computers for malicious code, e.g., spyware, rootkits, Trojan Horses, viruses, or worms, and remove any that are found. Users frequently download profiles of new malicious code so that the antivirus program can check for the new malicious code as soon as it is discovered. Most antivirus programs include an auto-update feature that automatically downloads the profiles of new malicious code on a regular basis. One major drawback to these programs is shown in the following scenario: A user's computer becomes infected by a particular strain of malicious code that is not known or detectable by the current antivirus product. Unbeknownst to the user, the malicious code monitors the user's behavior, recording the user's passwords or other information as the user visits various data sources (such as a banking website). Subsequently, the antivirus software fingerprints are updated, enabling the antivirus software to detect the malicious code on the user's machine. However, the antivirus software cannot inform the user that this malicious code targeted the user during the period before the fingerprints were updated. The ability to provide this information (e.g., “You were infected last week with a piece of unknown malicious code which tracked your banking transactions. Please contact your bank to change your password.”) will be extremely useful to customers, so they can be alerted to possible eavesdropping on their accounts.