When wallets act as trojans/viruses

[paramind22]

Does anyone have any experience how to test whether a wallet may not be secure?   I know the usual methods, but this took place on another crypto forum and it seemed legit.  I talk about it in this thread.  

https://bitcointalk.org/index.php?topic=2142143.msg21425406#msg21425406

Does anyone know what could cause that error?  I'm safely recovered from it but I have some coins in that wallet and not sure I want to boot it up again.  Is there a type of sandbox app or decompiler for such things?

I also got a trojan come up in my scanner after I did a check but I don't know where that came from.

[bathrobehero]

You can never be sure as the payload can be encrypted and triggered anytime and crypto people discarding warnings as "it's just a false positive bro" doesn't help either.

1: Your best bet is to run each wallet in a virtual machine - or on a rig with a throwaway OS which gets replaced periodically.

2: Your second best bet is to have a sandbox software like Sandboxie and set it up so that anything running inside it has no read privileges to important folders (like AppData/Local & Roaming) which makes things more complicated since if a software legitimately tries to write into Roaming, and is prohibited will throw an error. You have to use custom wallet data folders and keep custom browser user data folders (to avoid cookies and user sessions being stolen).

3rd, mostly useless option: using any antivirus with live protection.

4th (absolutely useless) trusting online antivirus softwares' on the wallet exe.