From Slashdot... http://it.slashdot.org/article.pl?si...&tid=109&tid=1

"Tom Liston, the guy that brought us the LaBrea Tarpit, wrote an open letter to Microsoft regarding the GDI JPEG vulnerability, and Microsoft's scanning tool for this vulnerability, which he calls 'worse then useless'. Tom, who wrote his own scanning tool, ends his letter with 'Please stop treating your customers like idiots and give us information; information that we can use.' Like Tom explains, the official Microsoft scanning tool misses a lot of vulnerable DLL's installed by third parties, and Microsoft fails to explain if these libraries are a problem or not."

Open letter at http://isc.sans.org/diary.php?date=2004-09-26

Download GDISCAN at http://isc.sans.org/gdiscan.php

NOTE: In the results - "Ignore files in directories like Windows\$NtUniinstallKBxxxxx\ and Windows\WinSxS. These are old versions left behind for uninstall purposes."

All clear this end.