IPS Update download through Security Gateway with enabled Anti-Virus blade fails at 99%.

SmartView Tracker log from Anti-Virus blade shows:

Resource = http://dl3.checkpoint.com/paid/...
Destination = XXX.deploy.static.akamaitechnologies.com (<IP Address>)
Protocol = TCP
Port = http (80)
Action = Prevent
Sent Bytes = 0
Received Bytes = 0
Reason = Failed to process the file
Client Type = Other: FDT_LIBCURL
Information = precise_error: unknown error

"Enabled Archive scanning" box is checked in the Threat Prevention profile that is used in the involved Threat Prevention policy (SmartDashboard - go to "Threat Prevention" tab - in the left tree, click on "Profiles" - go to "Anti-Virus Settings" pane).

Threat Prevention Engine is current set to "Block all connections (Fail-close)" (SmartDashboard - go to "Threat Prevention" tab - in the left tree, expand "Advanced" - go to "Engine Settings" pane).

Setting Threat Prevention Engine to "Allow all connections (Fail-open)" and installing policy resolves the issue (IPS Update download completes successfully).

Debug of DLPU daemon (per sk103939) during the issue shows:
[KAV] kav_clbk_fn: Object Count=10001, Origin object size=..., Current object size=..., Total object size=... (... left), Ratio=...
[KAV] kav_clbk_fn: Maximum number of extracted files reached, canceling scan...