Very true

Why is it everyone seems to squeal "keylogger" these days, when there are much more sophisticated solutions around?

This is an example:

http://www.symantec.com/security_res...100113-5137-99

Assuming that you can eliminate physical access and activities by your systems administrators, this is what you would look for:

1. Collection of information.
2. Storage of information.
3. Transmission of information.

People who write security compromise software that is worth its salt are well aware of Task Manager and how to avoid it.

At the very least you should use more sophisticated tools such as Process Explorer 9.02 and Startup CPL 2.8 (or later versions if available).

brokencrow has just posted this free software:

http://www.sophos.com/products/free-...i-rootkit.html

It might prove helpful in detecting anything that has been stealthed?