If you have ever heard of key stroke loggers, you know that they plague many unwary computer users’ lives. These malicious pieces of code will silently stalk their way through a system, logging every push of a key on the user’s keyboard, just waiting for a tasty piece of data to come bounding through (such as a password), so that they can leap in and snatch it up for the nefarious uses of their data cracking masters. Many key stroke loggers are actually very good at deciphering when what you are typing in is a password versus when it is simply referencing passwords. After all, many operating systems keep their logs in the context of a particular program, such as a web browser.
The thing is just as there is no such thing as a perfect protective piece of technology, even the most horrendously complex, totally determined piece of malware can only function so effectively. There are two main ways that you can subvert key stroke logging software: by having one computer that is strictly offline (and on which your passwords will primarily be typed and stored), and also by making use of websites that allow you to enter your passwords through an on screen keyboard which will not allow the logger to have any key strokes to log. Through the use of these two methods, you will offer up very few passwords to a hacker and will give your scanning programs more time to hunt down and eliminate the threat which lurks in your own hard drive.
While it may seem like an inconvenience to work primarily with sites that use on screen keyboards, some great ones already do. For instance, Tradeking offers this as part of its standard membership — it is great security and it does not cost anything extra to invoke. You may also be able to find a cheap second computer, where you can do little more than store passwords.