@Pelover, well, the seed is entered in a random order. So even if the computer is compromised the attacked still needs to try 24! combinations before cracking your password. So you will have enough time to create a new account as BurtW said.
But if the new Trezor can use those words in random order, why couldn't the attacker do it too?
Please read this:
https://github.com/satoshilabs/docs/blob/master/trezor-user/recovery.rst'
I have read it but cannot see the answer.
The attack that worries the OP may be: hacker installs malicious browser/plugin in many computers and waits for one of the owners to start the recovery procedure. As the victim types the words, the malicious software sends them to the thief, and sends the wrong words to the victim's Trezor, so that his recovery will fail. Meanwhile the thief starts the legitimate recovery procedure with another Trezor, enters the words (garbled, with nulls and all), and gets access to the victim's wallet.
(A basic problem of all security systems is that, whatever one must do to get access, someone else with the right information could do the same. Including biometrics. Thus, security always depends ultimately on preventing the bad guys from getting some critical information that the good guys have somewhere.)
Only the victim and victim's Trezor knows the order of the words. The order is generated by Trezor, only shown on its screen, and never transmitted to the infected computer. The malware may make the recovery fail. However, as the malware does not know the order, it can't recover the wallet either