With an infected host machine, your VM is compromised too.
The general approach to safely create a seed is:
- Download a wallet (e.g. electrum)
- Verify the signature to make sure you are not a victim of a MITM attack
- Boot your PC with a linux live system (without internet connection)
- Move electrum to your live system and generate your seed
- Back your seed up (offline, on paper)
- Export your xpub (to create a watch-only wallet on your online-pc)
- Delete everything (Or simply shutdown your live system; all traces get removed)
And afterwards you have to make sure to NOT import your seed into a wallet on your online-machine. This would destroy the whole purpose of creating the seed offline.
To sign transactions you either have to use an alway-offline-PC or boot into a live system (without internet connection) each time.
The easier way probably would be to use a dedicated offline machine or a hardware wallet.
