Defense+ and the firewall will alert you to anytime a new program hooks itself onto another program, which is kinda what keyloggers do? so when any such new hooks happens defense+ will pop up an alert allowing you to make a decision whether to allow the program to run or not.
I understand more about the firewall alerts part, when any program wants to connect to the internet and if its a trusted clean program you can select remember me for it and it won’t ever ask again. but if any program tried to hook itself onto that program then it will alert you when next time the program needs net access and you can block it from accessing the net or allow it if it, trying to identify whats a keylogger i think is a guessing game, but you can always google what program or file is hooking itself to a program and asking for internet access while that alert remains there awaiting a decision from you.
I’ve heard of snoopfree, ain’t been a new version since 2006? but seems like its a uesufl program for those who want it.
having some sort of layered security in place is a good idea and you have that covered, only real thing with keyloggers i can see is what you allow access to the net or allow to execute and run. CFP should alert you eachtime if an new or unrecognised or modified program does that and give you the option to allow it or block it and so on.
as for the settings for CFP. I have mine on the same Training+safe for the firewall and clean mode for defense+
you can increase the level of security in both but then there firewall will require more deicions from you instead of it automating some processes on its own.
I’m not techie on this stuff too but hope this helps a bit