Hi, I´m not sure if you understood me correctly. What I´m saying is that, to my surprise, your anti keylogging tool is able to bypass HIPS on my VM test machine. (HIPS tested: SSM, NG, ThreatFire and Comodo. First three fail.) SSM and NG will alert about the stuff mentioned in post #20, except for the driver loading. TF will not alert about anything. All HIPS should have been able to stop AK from working correctly, but they can´t. So it´s not really a problem with your tool, but let´s say if FireLion AK was malware, I wouldn´t be too happy. Perhaps others can check it out. And can you still give an answer on post #20, is it really necessary to do all these things to stop all these keylogging methods?