CAVS quarantines gdiplusimage.dll

CAVS “thinks” gdiplusimage.dll is a Trojan downloader (and thus quarantines it).

But I don’t see any such proof when I search the web.

Does anyone here know more about this .dll file?


What version of CAVS are you running?

As far as I can tell the dll file is part of Zeon PDF creation software. I use a few different PDF writers but have no knowledge of this one so do not know if it malicious. It may be worth your while submitting this file to Comodo for analysis.

If anyone wants a good free PDF writer try googling for Cute PDF.


I am using CAVS version

I do see some Zeon folders on my C: drive, and they do seem to be related to PDF creation software, but such folders do not contain ANY .dll files.

I searched my C: drive for ‘gdiplus*.*’ and 21 files were found, all but one of which are named gdiplus.[various extensions] (i.e., without the word ‘image’ in their name). The one other file is named gdiplusimage.dll.tenc and it’s in CAVS’ Quarantine file. Did CAVS add the .tenc extension when it quarantined that file?

When CAVS alerted me that it was quarantining that file, I think I was on my son and daughter-in-law’s blog on and I had right-clicked to download a photo of their daughter (my grandaughter) that they had posted on their blog. It seemed strange to me at the time that trying to ‘Save Picture As…’ from would put me at risk of receiving a virus!

I will submit this quarantined file to Comodo for analysis, and will let everyone here know what they tell me.