You can protect yourself from stuff like this by running all users (including yourself) as limited users, then using a full administrative account only to administer the machine.
Just run a system scan at the end of the day once a week and you will be all set.
I don't like the idea of running a limited account. I'm sure it is safer, but I'd rather just run the administrative account.
I do run a system scan every week. I guess it's all I need to do, at the moment.