While it's possible, it's not practical when the malware could simply copy wallet file, steal password using keylogger or read private key from RAM when the wallet opened by user. Are there any known malware which specifically mess with system cryptographic secure PRNG?
If the malware is targeting users who are going to be generating private keys on offline computers that will never touch the internet in the future, stealing information is not going to do very much because it would have no way of transmitting the stolen information.
I get the point, but there aren't many ways for malware enter offline computer. The malware need to be distributed along with the OS or application which will be used (e.g. electrum and additional driver).
My guess is that any malware that targets PRNG is going to be state-sponsored whose targets are embassy employees and spies, so their communications can be intercepted and decrypted.
Then it's not something regular user should worry or could know (if they're targeted).