back to the subject..
to detect and remove keyloggers :
The Cleaner - www.moosoft.com
A squared
f-secure Blacklight
SSACleaner
flister
ewido
prevention..
Regprot - regestry protection - www.diamondcs.com
Spybot SnD
(as mentioned)
strong Company Policy
user education
enforced IT security Policy
tripwire
As for how keyloggers work.. What we are useing now as our benchmark on understanding then is out of date. an advanced keylogger has moved past the simple keyhook process manipulation. And in a corporate enviroment I would certainly want to protect/detect beyond the kliddie stuff.
so the steps in order of importance
1/ prevention
2/ protection
3/ detection
What works today may not tomorrow