This happens to me periodically with infected files: From Webguard When accessing data from the URL, ... a virus or unwanted program 'HEUR/Crypted' [heuristic] was found. Action taken: Blocked file Now a couple of seconds later from Guard: Virus or unwanted program 'HEUR/Crypted [heuristic]' detected in file 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\WEBGUARD\00001201.exe. Action performed: Deny access So it seems that occasionally guard is detecting a portion of webguard as a virus when something is detected? I'm not sure if this is a correct assessment, but I'm never able to replicate this consistently -- not even with the same files/websites. I'm running Vista 64. Any idea what's going on here?