When Trend Micro is running it detects the network virus or trojan before it gets to your PC, it is not "scanning", it is live detection, as long as the virus/trojan is in the data base of Trend Micro it will detect the malware's signature, and quarantine the virus/trojan before it gets onto your PC, wether through a properly locked down IE or configured FF browser.

This is before the fact not after......