Is OA free's HIPS good enough?


bonedriven
September 29th, 2008, 10:09 AM
Currently I'm using OA free and Avira free as real time guard.

First, I noticed OA free does not provide keylogger protection. Secondly, I'm not sure if OA free's HIPS is as good as Comodo D+.
I use SAS and MBAM free to do on demand scans.
I want to add another real time protection (free). If I add another HIPS, would it be an overkill or cause some conflicts with OA's HIPS?
What are your opinions plz?

chris2busy
September 29th, 2008, 10:14 AM
as long as it has file execution control it's doing good..and yes..keylogger detection is only in paid version..it lacks registry guard if u wanna compare it to CPF's D+ but i can assure you it's about 99999999999 times more stable overall and its support is light years ahead...

bonedriven
September 29th, 2008, 10:23 AM
-{ Quote: "as long as it has file execution control it's doing good..and yes..keylogger detection is only in paid version..it lacks registry guard if u wanna compare it to CPF's D+ but i can assure you it's about 99999999999 times more stable overall and its support is light years ahead..." }-
Thanks chris2busy!
So far, I kind of agree "its support is ahead..."

Can you explain how the OA paid version stops keyloggers or detects keyloggers?

Gene Benson
September 29th, 2008, 10:12 PM
Hi bonedriven,

Have a look here (http://www.tallemu.com/webhelp3/Keyloggers.html) for an explanation from OA's Online Help.

I have been using the paid version of OA for over a year now and am also an OA Beta tester. You need to understand that OA detects "Keylogger like behavior", which may sound impressive, but does generate a number of what others would call false positives. I have had a number of legitimate programs marked as Keyloggers by OA and the first time you see the pop-up it is kind of scary. However, when you read the pop-up carefully you will see that it states the program could be recording what you type. It's not stating flat out that program xxx IS a Keylogger. So some will call that a false positive but I think that if a program is displaying "Keylogger like behavior" then it is simply warning you about a potential threat. If I know the program AND downloaded it from a trusted source then I allow it. If I have any doubts about it I can always block any Internet access for that program in the Firewall.

Hope this helps. ;)

Someone
September 29th, 2008, 11:05 PM
-{ Quote: "I want to add another real time protection (free). If I add another HIPS, would it be an overkill or cause some conflicts with OA's HIPS?
What are your opinions plz?" }-
I suggest you add Sandboxie free. I don't know if this still holds, but a few months ago I heard that ThreatFire and Online Armor have conflicts.

bonedriven
September 29th, 2008, 11:53 PM
Hi Gene Benson,

Thanks for your info.

-{ Quote: "I suggest you add Sandboxie free. I don't know if this still holds, but a few months ago I heard that ThreatFire and Online Armor have conflicts." }-

I'll give Sandboxie a go. I never tried it although I heard of it often.
ThreatFire has conflicts with a lot of things!! With TF, my computer always had weird behavior. And the support in the forum is poor. I have just dropped it.

Einsturzende
September 30th, 2008, 10:20 PM
-{ Quote: "Hi Gene Benson,

Thanks for your info.

I'll give Sandboxie a go. I never tried it although I heard of it often.
ThreatFire has conflicts with a lot of things!! With TF, my computer always had weird behavior. And the support in the forum is poor. I have just dropped it." }-
sandboxie will also not give you full keylogger protection, I think...

bonedriven
October 1st, 2008, 09:48 AM
-{ Quote: "sandboxie will also not give you full keylogger protection, I think..." }-
I have installed the free sandboxie and like it. But I need some time to learn to tune it. I agree that SB can't give good keylogger protection.
I want to try Drivesentry, but don't know if it would be an overkill or cause some conflicts.

chris2busy
October 1st, 2008, 09:56 AM
okay...in sandboxie's current sandbox settings u will find an option that allows u to select the only app within the sandbox that can communicate with the internet..if u choose firefox.exe only that can communicate so even if you have a keylogger (pretty impossible if u empty sandbox often-or even better make it empty after each exiting) it records ur keystrokes but it's no harm since it cannot send the info anywhere..also since u use OA's firewall it will tell u if a "keylogger.exe" tries to connect to the internet...that's what a firewall is for ;p

bonedriven
October 1st, 2008, 10:34 AM
-{ Quote: "okay...in sandboxie's current sandbox settings u will find an option that allows u to select the only app within the sandbox that can communicate with the internet..if u choose firefox.exe only that can communicate so even if you have a keylogger (pretty impossible if u empty sandbox often-or even better make it empty after each exiting) it records ur keystrokes but it's no harm since it cannot send the info anywhere..also since u use OA's firewall it will tell u if a "keylogger.exe" tries to connect to the internet...that's what a firewall is for ;p" }-
True.
But we do like double or even triple protection. That's why we usually have an AV, a firewall and a HIPS.
A keylogger is highly dangerous in my opinion.

Someone
October 1st, 2008, 10:26 PM
-{ Quote: "I agree that SB can't give good keylogger protection." }-
You could follow the rules here (http://www.sandboxie.com/phpbb/viewtopic.php?p=20121#20121) posted by Wraithdu in the Sandboxie forum.