Put Linux on another partition and only use it for the Bitcoin client.
*writing windows virus that reads ext filesystems*
the partition could be on a USB memory stick so you could remove it and lock it in a fire proof safe
even if you got the wallet.dat file you need to decrypt it.
people get hacked by downloading another program (like mining software) that key logs their password.