The Unix root user security model is not what makes Unix secure. A limited user account might have saved your system data. That’s not much use when user data is the important data anyway. System data is cheap to restore: the system disk comes on its own CD with a new computer.
On a multiuser system, limited users are vital. I maintain several Unix servers and see user accounts get hijacked every now and then due to bad passwords, insecure web sites, SSH keys hijacked from a home machine, etc. Users are limited to damaging their own accounts, so long as the systems are kept up to date.
There are privilege escalation attacks available against unpatched systems, and those do get tried. I live in fear of zero-days, of course. That would mean a wipe and restore from tape.
I wouldn’t trust a manual cleanup like you’ve just done. As other users have pointed out, rootkits are easy. Rootkit revealers are not nearly as reliable as virus scanners, which are themselves not especially reliable. If you’ve got a rootkit, your machine can be re-hijacked at any time to send spam or whatever, just by the bad guy connecting in.
Linux or Macs are one kind of solution, as others have pointed out. I’ve seen too many Unix security incidents to consider them any sort of ecosystem solution – if everybody adopted Linux, we’d be exactly where we are with Windows, once all the bad guys began writing their tools for it.
My own belief is that things are as good right now as they are going to get. There is no technical solution to the problem of software security bugs. If we ever want to end the spam, the identity theft, and the viruses, we’re going to have to do it with international legislation and international enforcement. Doesn’t seem likely to me.