Only way is if root was running the wallet and other wallets were in the same machine.
There is no way any ordinary/available/typical kind of machine, even high powered ones, could run all the coins Cryptsy was running.
Try it!
So it makes even less sense that some pathetic scamcoin would even be on the same physical machine as top of the line actually-valuable well-established coins, let alone on the same username in the same virtual machine.
For a newly-remade trojan without a large team of well known developers with expensive reputations on the line all using verifiable compile processes to sign releases and so on to manage to get run on the same machine as e.g. bitcoin itself would pretty much require a deliberate intent to expose a specific, known number of bitcoins to attack by that new potential-trojan.
In other words, when you choose which physical machine to run a coin on, and which virtual machine on that machine, and which username on that virtual machine, you are specifically deciding how many of which other coins you want to give that new program the opportunity to "attack if it is going to", so you know how many of which coin you want to put at risk and why, such as for example to decide how much temptation you want to expose that program's developer to in order to test his or her integrity and the integrity of the code they have provided.
It is thus pretty much unbelievable that some scamcoin such as lucky7 would ever even be on the same hardware machine, let alone virtual machine, let alone username, as bitcoin...
...Unless you chose for example to test the integrity by putting a half a bitcoin, or a bitcoin, or whatever your chosen bounty is for discovering a trojan, into its reach to test whether despite all your efforts to inspect it it might still harbour some nastiness...
-MarkM-
