My advice would be:
1) Always install all wallets for coins on a standalone system or in a sandbox environment.
2) Always move coins to offline wallets (cold storage) and keep only a minimum in a hotfile. A hotfile is the wallet.dat currently on your PC in the normal location ..\roaming\coinname\wallet.dat | ~/.coinname/wallet.dat. Offline or cold storage is when you copy your main wallet.dat with your coins in it to a USB stick/(s) and remove the wallet.dat from your PC. Offline or cold storage is also sending your coins to a paper wallet. This is problematic though for staking coins and that is why I prefer POW coins. If you do have staking coins, put them on a dedicated Raspberry Pi that runs Linux.
3) If you are uncomfortable with a Windows wallet then don't use a Windows wallet but compile and use a Linux wallet.
4) If anyone quotes a wallet download link, make sure that the quoted link still matches and that the checksums are the same.
5) Always first run the wallet through Virustotal.com to get some level of assurance.
6) After 2 days or so run a wallet through Virustotal again and re-analyse to see if the scan engines pick anything up after having worked since.
7) Install software that scrambles the data between your keyboard and the operating system so that keylogging malware records garbage and attackers cannot steal your coins because they cannot unlock your wallet.dat with the "garbage" password.
8) Always encrypt your wallet.dat with a long password of 20+ characters consisting of uppercase and lowercase letters, digits and non-alphabetic characters like * or &.
What is interesting is that this particular Eaglecoin wallet only had one obscure detection of a suspicious file on Virustotal when it was released a few days back. It was strange enough though to raise the alarm bells with me. After first submission, the AV scan engines then started working on it and by 2 days later, almost half of them had classified the Trojan/(s) and were able to detect it accurately. This could happen because it is possible to obfuscate a virus or to change it slightly so that attack signatures do not pick it up. Sometimes malware can also fool a sandbox behavior analysis. It is important though to get a file into Virustotal ASAP so that the code is logged.
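
The checksum comparison in point 5, as an added example that is not part of the original post: it parses a published `sha256sum`-style list, hashes the downloaded file, and reports whether the file behind the link still matches. The file name `coinname-wallet-setup.exe` and the sample bytes are constructed, and the published list is assumed to come from a channel other than the download link itself.

```python
import hashlib, hmac, os, tempfile

def sha256_file(path, chunk=1 << 20):
    """Stream the file so large installers do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def parse_checksums(text):
    """Parse 'HEX  filename' lines (sha256sum format) into {filename: hex}."""
    sums = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) != 2:
            continue
        # sha256sum marks binary mode with a leading '*' on the file name
        digest, name = parts[0].lower(), parts[1].lstrip("*").strip()
        if len(digest) == 64 and all(c in "0123456789abcdef" for c in digest):
            sums[name] = digest
    return sums

def verify(path, published):
    """Return 'match', 'MISMATCH' or 'not listed' for the downloaded file."""
    expected = parse_checksums(published).get(os.path.basename(path))
    if expected is None:
        return "not listed"  # no published value: treat as unverified
    actual = sha256_file(path)
    return "match" if hmac.compare_digest(actual, expected) else "MISMATCH"

def demo():
    # Constructed sample: a stand-in installer and the list "published" for it.
    d = tempfile.mkdtemp()
    wallet = os.path.join(d, "coinname-wallet-setup.exe")
    with open(wallet, "wb") as f:
        f.write(b"constructed sample installer bytes")
    published = f"{sha256_file(wallet)}  coinname-wallet-setup.exe\n"
    before = verify(wallet, published)
    with open(wallet, "ab") as f:  # the file behind the link changes later
        f.write(b"\x00")
    after = verify(wallet, published)
    unlisted = verify(wallet, "0" * 64 + "  other.exe\n")
    return before, after, unlisted

if __name__ == "__main__":
    print(demo())
```

The SHA-256 value computed here is also what Virustotal indexes a file by, so the same hash can be used to find the earlier report when re-analysing as in point 6.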