Well, if it's really filthy rooted pwned, with an attack that is aware of bitcoins and how this system/site works, the malware could just replace the real pubkeys/addresses on the paper wallet that's being generated so that instead of corresponding to the combo of private keys, just corresponds to a private key the attacker controls. It'll stop a generic packet or key logger or the like, but if you really can't trust your computation device, then I don't see how you can trust that your output is right.
We are discussing degrees of security or probability of encountering an attack. The easier an attack is the more likely it will occur.
Sorry... in other words Casascius is "raising the stakes".
To be properly paranoid you could take the list of public keys from Casascius along with the private keys you generated on the pwned machine using the bitaddress-like service and re-run them through the bitaddress-like service on a different computer to double check the calculation of the combined bitcoin address.
I think this novel idea can significantly increase the security of paper wallets against malware, especially once bitcoin goes mainstream.