It’s also the same error code, which means a decompression bomb, according to one of you here. But, with me knowing that web site, I doubt that it’s a decompression bomb!!!
A decompression bomb can be a file thar is 100B compressed and 30KB uncompressed - this is also considered as a decompression bomb.
I admit that while technically correct, the file is not dangerous in any way and shouldn’t be probably tagged as a “bomb”.
forgive me if I fail to understand your response on “decompression bombs”
I too get the same errors logged in my antivirus event log with the same error for perfectly innocent message forums that contain no reference to compressed files. I also get it for seemingly innocent websites that one day log the error and the next day do not … here is my most recent example.
Some forum software (PHP-based) send contents in compressed format (namely, in the GZIP format). This is in accordance with the HTTP 1.1 standard.
WebShield is decompressing the data en route.
Some objects (such as uncompressed images with large areas of the same color) may look like a “decompression bomb” simply because their GZIP compression ratio is say 200:1.
Does that make sense?
I agree that avast probably shouldn’t warn in such cases but it’s not really simple to distinguish…
While I confess not to understand the niceties of the php based GZIP format (nothing of which I see in the source of the web page faulted in my example) and I understand that you are saying that this probably should not be flagged … my point was more to one of inconsistency.
Why was it flagged as an error on 05/19 and why is not flagged today? I doubt very much that the source of this page changed between these dates.
I went back and typed in the (I wonder one one cannot copy from event log windows) urls for a couple of the message forums errors too and they displayed without any further event errors.
I thought a decompression bomb was a malicious archive that uses the HDD until there’s no more free space and thus designed to crash a PC when extracted.
Let’s admit that software providers like Avast have to strike a balance and decide on some decompression level or are you suggesting that error warnings should be specific to every user?