Experts at SRI International have released the source code to the scanner they wrote to detect the active P2P scanning that Conficker-infected machines perform. The Conficker worm exhibits a number of interesting characteristics that have helped researchers identify infected machines and help stop the worm s spread. Users can download the scanner for free and run the scanner on their own networks to find infected machines. Many commercial network scanning vendors also have released signatures that will identify infected PCs by fingerprinting a patch that the worm uses to fix the MS08-067 vulnerability.
Source: https://threatpost.com/sri-releases-conficker-scanner-source-code-040609/72550/