The problem with keyloggers is that it is ridiculously easy to write one. If you write one from scratch hardly any malware detector will pick it up. This for keyloggers that work when the user is logged into Windows, for ones that work when no user is logged in (thus logging the logon process) requires a rootkit/driver hack and is significantly more complex.