According to a post by the ISC and Skull Security tonight, its possible to scan for Conficker-infected hosts using something as simple as Nmap. All you need is the latest BETA version 5 of Nmap 4.85 and run it with the following flags:
nmap –script=smb-check-vulns –script-args=safe=1 -p445 -d <target>
Source:
http://www.skullsecurity.org/blog/?p=209
http://isc.sans.org/diary.html?storyid=6097
Comments