I remember i vouguely asked this question sometime ago but i couldn't understand the answer still. I realize many of the AV today has add HTTP or TCP or internet resident scanning such as NOD32 Imon and Avast 4.5 But i still don't understand the need of it. Doesn't the webpage get downloaded before view? And therefore will be checked by ( NOD32 4 example ) AMon? This is to the similar question as to why i need DMON as well if AMon does the job anyway. Does that mean if i open a office Document with virus AMon won't detect it? One of the few questions i had about HTTP scanning is that it create little problems with there and then. Like select open a torrent file when download it with IE doesn't work. I seriously hope F prot 4 doesn't include this because so far i haven't seen a HTTP scanner that is totally transperant.