yeah... i know it has its virus definitions and it checks the files against them.. but i was just wondering.. how does it actually identify if some trojan or a keylogger is encountered...??

for example if i write a program for a keylogger on my own and then try to use it.. would the antivirus program detect tht its a key logger... if yes how...??

lets say im using it on my own machine.. and the keylogger just stores the keypresses in a log file on the same machine only...there is not internet activity involved... would it still be detected...??

please enlighten ...