Software keyloggers, though, can be far more difficult to detect and remove. After all, they are rarely named "evil keylogger.exe" when installed. Often malware, like keyloggers, have names that are similar to other normal processes like svchost.exe, making it difficult to distinguish between a safe process and a malicious one.
I recommend becoming familiar with tools that are generally used for detecting rootkits. Many of the tricks that rootkits use to hide on computers are also used by keyloggers, and keyloggers are often incorporated into various rootkits.
Tools like IceSword, FileMon and F-Secure plc's Backlight utility are great for seeing the internal workings of a system. I would also recommend keeping your antivirus product up to date, since many of the AV vendors have signatures for common keyloggers.
To verify that the malicious code is gone, monitor the network traffic to and from your system with a tool like Wireshark to ensure that the system is not communicating with the attacker.
This was first published in March 2009