I think this guy is 12 year old. He is asking the same question in difference ways, and even he received the answer he didn't understand yet.
I don't think Resident Shield provide protection only after the damage is done. But, can Resident Shield scan the decrypted and reassmbled scripts before they pass through the script engine(i.e., WSH or browser script engine)? Won't web pages coming from internet be loaded into the temporary internet folder/cache? Why doesn't Resident Shield work there? If those encrypted files or web pages are to be decrypted and/or reassembled to do any harm, is there no way for Resident Shield to play as the last line of defense to intercept the decrypted scripts?
The resident shield SCAN EVERY FILE THAT IS WRITE IN THE HARD DISK, SOOOOOOOOOOOO it will scan the temporary internet folder/cache, in case that you dont have the Webshield activate. Webshield and script blocker are first line of defense, if you dont have those shield activated it will be catch by resident shield even they are decrypted scripts, because the resident USE the virus signature to detect themmmmm.
Following Lukor example, that file is scanned by Script blocker, but if you dont have that shield, that it will be cathed in the moment that it is written to hdd by resident shield. So the only way you can be infected by a bad script is in 2 cases:
1. The script is not in the Virus db yet.
2. You have the resident shield disabled.
How I can explain you better?