Remember: keyloggers are extremely difficult to discover because many have polymorphic (able to change their IP address) capabilities, meaning they have the capability to change their form and continue to elude antivirus for months and sometimes years.
Type in your bank name and they start recording your every keystroke .... Bank name ..... Username ..... password ... etc and then send it to the keylogger.
Type in your, or click on your Anti-virus ..... they shut down and after a set amount of time boot up with a new ip address and so even if your anti-virus knew the old ip address, they cannot find the keylogger who is ready for you to type in your Bank name again ....and record your username ... password ...etc.
Get the picture ? And so, even if you are notified to change your password because your bank was hacked by a keylogger, guess what .... if you have a keylogger they are going to get your new password and they appreciated you updating your information.
Of course, if you have Cryptodefender for desktop and mobile, or if you have GuardedID or MobileTrust, they will not get your updated information