In the same vein as Zone Alarm and other personal firewalls and MS Anti-Spyware, a crop of applications has come out lately that monitor the startups in real time and notify the user when something is added to the many places from which an application could run at startup. The user can allow or disallow the change.
I would like to see an application that would do this for any executable. When any executable is attempting to run, this program can stop it (if this is possible) and alert the user. The user allows the app to run or blocks it, either permanently or just that one time. As for apps that you permanently set to allow to run, you can use something like MD5 (and of course, date/time/size) to check each time to see if it is truly the same executable. This, it seems to me, would be the best virus/spyware protection, along with startup monitor, BHO monitor, etc.
I know that you could write an "exe wrapper", by editing the registry at HCR\exefile\shell\open\command and putting something like "C:\ExeWrapper.exe" "%1" %*. This would "intercept the exe" so the exe wrapper can shell the exe or not. But that doesn't seem like a good way to do it. Seems like viruses could disable that. I would think some kind of system hook would be better, but I don't know if that exists. One thing that wouldn't work, though, is a timer. Malicious code could be run before the next timer tick.
To be an all-in-one solution, this idea could be expanded to include other "code that is executed", such as services, BHOs, etc. And then also include the startups.
The Coding Snacks is a great idea, I hope it is very successful!
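
The "is it truly the same executable" check from the post, as an added example that is not part of the original post. It uses SHA-256 in place of the MD5 the post suggests, and the function names and sample files are constructed for illustration; the demo shows a replaced file whose size and date still match the approved record but whose digest does not.

```python
import hashlib
import os
import tempfile

def fingerprint(path):
    """Return (size, mtime_ns, sha256 hex digest) of a file, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    st = os.stat(path)
    return st.st_size, st.st_mtime_ns, h.hexdigest()

def approve(allowlist, path):
    """Record the user's 'always allow' decision for this exact file content."""
    allowlist[os.path.realpath(path)] = fingerprint(path)

def metadata_matches(allowlist, path):
    """True if size and modification time equal the approved record."""
    size, mtime, _ = fingerprint(path)
    return (size, mtime) == allowlist[os.path.realpath(path)][:2]

def check(allowlist, path):
    """'unknown': never approved, ask the user. 'changed': approved path,
    different content, ask again. 'allow': content matches the record."""
    known = allowlist.get(os.path.realpath(path))
    if known is None:
        return "unknown"
    # The digest is the decision; size and date are only cheap hints.
    return "allow" if fingerprint(path)[2] == known[2] else "changed"

def demo():
    with tempfile.TemporaryDirectory() as d:
        exe = os.path.join(d, "tool.exe")      # constructed sample file
        other = os.path.join(d, "new.exe")     # constructed, never approved
        for p, fill in ((exe, b"A"), (other, b"C")):
            with open(p, "wb") as f:
                f.write(b"MZ" + fill * 62)
        allowlist = {}
        approve(allowlist, exe)
        first = check(allowlist, exe)
        # Replace the content with same-length bytes and restore the timestamp.
        st = os.stat(exe)
        with open(exe, "wb") as f:
            f.write(b"MZ" + b"B" * 62)
        os.utime(exe, ns=(st.st_atime_ns, st.st_mtime_ns))
        return (first, check(allowlist, other),
                metadata_matches(allowlist, exe), check(allowlist, exe))

if __name__ == "__main__":
    print(demo())
```
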