That's a good start. But if you want to be safe against 0-days viruses, at least encrypt the wallet.
Ok, but wouldn't that make any payments i should get fail because the program doesn't have write access to the wallet?
I mean, i could create a copy of the wallet and encrypt it, but then the original would still be insecure
I'm still new to the whole infrastructure of the program, sorry.
In fact you should create a separate 'savings' wallet where you keep the most of your coins. Create it on a system (preferably via a linux live cd) of which you are sure it has not been compromised. Instructions can be found here https://en.bitcoin.it/wiki/Securing_your_wallet.
In fact the point is to create a new wallet on a secure system, then shutdown the bitcoin client, make an encrypted backup of the wallet.dat file and delete the whole thing again (the live OS, I mean)
Then regulary move funds from your 'normal' wallet to the secure one (make a payment to one of those addresses). The balance of a wallet is kept on the network, and it is not needed to keep the savings account "live".
I've came across another link the other day with a clear explanation about this, I'll see if i can find it again.