The garbage collector does not handle variables, so the question in this form does not make sense. It manages allotted objects in the heap managed by it. When you create a variable in your code it only exists in it, it has nothing to do with execution. Do not confuse concepts. Variables are not managed, they do not exist during execution.
The first paragraph also has the wrong premise that can be accessed by any system. This, in general, is not true, and even in the cases that happen you can not do anything to avoid it, it's a compromised system.
Even after editing, the second paragraph does not say what it came from.
The third asks for something that is either normal to happen without doing anything, or has nothing to do, because it is a compromised system. Any content available inside the computer can be accessed if the system is compromised. Under normal conditions only the application can access.
By compromised system understand that any machine that has a user accessing has at least the commitment with respect to it, ie the user does what he wants on his machine, if he has the knowledge or can delegate to another person, there is nothing that can prevent doing this.
If you do not want to give access not decrypted, even because the algorithm that does this will already be a vulnerability that will even allow you to decrypt something that is not even on your computer. Look for a solution that does not require decryption, or that is not done in environments that you do not control 100%, which is difficult. If you can not do this, accept the insecurity. Anyway, there's nothing you can do in programming to try this better.
Notice that the whole conceptualization is wrong, so any path based on it is wrong by definition. And even though I have answered, because I do not think that comes out, the question remains confused.