Dan Kaminsky released information this morning showing that it is possible to remotely (and anonymously) detect whether Conficker has owned a system. He links to a PoC scanner (Python). This is the result of work by Tillmann Werner and Felix Leder of the Honeynet Project. Looking forward to the paper!
Update: Here is more information about Conficker compiled by the handlers at the SANS diary. I haven’t personally paid much attention to Conficker recently, mostly because we appear to be fully patched on known, managed systems where I work, so it has been a non-issue since Microsoft released the patches (MS08-067). That and it was pretty obvious the issue at hand was wormable and would be important.
For corporate domains, scanning for Registry artifacts would be very useful. I wrote regscan.pl and provided it (and an EXE version) in the Download section of RegRipper.net for this purpose.
I guess you could get into a debate as to whether or not a system is “infected” if the persistence mechanism isn’t set…but using the right tools, you’ve got a free, enterprise-wide solution.