An opportunity for AV companies
Most popular software packages are digitally signed these days. It would be fairly simple to write code to check a list of a hundred or so "most popular" packages (all recent versions) and check that their certs are correct. It wouldn't take very long either, since the cost is essentially one pass of your directory tree plus one signature check for each of the whitelisted apps that it finds. As "heuristic" checks go, this strikes me as a whole lot more useful than hosing your OS, which is what some of the AV companies seem to do.
If the AV companies won't bother, perhaps MS would like to consider it for their own monthly malware scan (from Windows Update). Since I'm a generous bloke, I hereby put the idea of "using digital signatures for their intended purpose" into the public domain.
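
A sketch of the check proposed in the comment above, added here as an illustration and not part of the original post: one pass over a directory tree, with an Authenticode check for each file whose name is on an allowlist. The function name `Test-AllowlistedSignatures`, the file names and the publisher names in `$Expected` are constructed placeholders; `Get-AuthenticodeSignature` is the standard PowerShell cmdlet.

```powershell
# Constructed allowlist: executable name -> publisher name expected in the
# signer certificate. Replace the placeholder entries with real values.
$Expected = @{
    'exampleapp.exe'     = 'Example Software Ltd'
    'examplebrowser.exe' = 'Example Browser Corp'
}

function Test-AllowlistedSignatures {
    param(
        [Parameter(Mandatory)][string]$Root,
        [Parameter(Mandatory)][hashtable]$Expected
    )
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName

    # One pass of the tree; only allowlisted names get a signature check.
    # Hashtable literals compare string keys case-insensitively.
    Get-ChildItem -Path $Root -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $Expected.ContainsKey($_.Name) } |
        ForEach-Object {
            $sig    = Get-AuthenticodeSignature -LiteralPath $_.FullName
            $signer = if ($sig.SignerCertificate) {
                $sig.SignerCertificate.GetNameInfo($nameType, $false)
            } else { '' }

            # Status 'Valid' means the file hash matches the signature and the
            # chain is trusted. The publisher comparison catches a file that is
            # validly signed, but by someone other than the expected vendor.
            $verdict = if ($sig.Status -ne 'Valid') {
                "BAD_SIGNATURE ($($sig.Status))"
            } elseif ($signer -ne $Expected[$_.Name]) {
                'UNEXPECTED_PUBLISHER'
            } else {
                'OK'
            }

            [pscustomobject]@{
                Path    = $_.FullName
                Verdict = $verdict
                Signer  = $signer
            }
        }
}

# Report only the allowlisted files that fail the check.
Test-AllowlistedSignatures -Root 'C:\Program Files' -Expected $Expected |
    Where-Object { $_.Verdict -ne 'OK' }
```

Matching on the signer's simple name is itself a heuristic; it flags unsigned, tampered or differently signed copies of well-known programs, and says nothing about files that are not on the allowlist.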