Is there a full-disk-encryption OR single-file-encryption solution like an operating system or a combination of devices or services ... that make sure that the master-decryption-key can NOT be extracted or stolen by a trojan horse.
So basically a system where sensitive files are added, edited, stored and displayed ... but in case of a trojan infection still keeping the secret-key secure to prevent the decryption of all documents?
It is possible to have an encryption scheme where all the cryptographic routine run on a smartcard. The smartcard contains the encryption and decryption key and the cryptographic operations are run on the smart card, rather than the main OS.
All that the main OS are able to do is send commands to the smartcard and receive encrypted or decrypted data, but it never hold the keys itself. This is rarely used in practice for full disk encryption because of poor performance (all data to be read/written must pass through the smartcard interface twice). For file encryption, many OpenPGP smartcard have this functionality.
The reason this is rarely used is because it's of limited advantage. If an attacker gains full administrative access to the system, the attacker can still encrypt or decrypt anything, even without knowing the private key. In most cases, it's the data that you want to protect, not the key itself; so an attacker being able to encrypt/decrypt arbitrary data is just as bad as leakage of the keys.
Fundamentally, the key must be available (at the very least for a short time) in order to decrypt something, whether the key be on the disk or in RAM or on an external drive. For nearly every encryption, the key must be available to the computer so you cannot have it not available to the computer and be able to access the data.
There are external encryption devices (like smart keys) which store the key itself internally in such a way as to prevent access to the key while still enabling cryptographic services, so you could encrypt/decrypt something with one of these chips without having the key ever accessible to the CPU, but this is neither common nor trivial to accomplish.
