If an attacker has admin access to your computer (which is required for the attack you described), then you've pretty much lost. Anything you could do could be circumvented by the attacker.
Because of that, I think it is completely pointless trying to defend against this type of attack. If you have to deal with untrusted, potentially compromised computers, then you simply can't trust them to do anything sensitive and you have to do it on your own server, or something like that.