It also appears this wriggling beastie uses IRC and FTP to propagate itself, but the anti-virus types aren't quite sure about what all it does yet. I've heard that this thing gets its claws pretty deep into an infected system. You can find more info at Symantec's SARC, where they haven't yet posted instructions on removing the virus.
To protect against the IIS exploit, grab the MS patch here. The MIME exploit patch is online here. Neither of these is a new exploit, but it's best to make sure you're protected, since the costs of infection are high.
I watched this thing bang on the TR server for a while (no harm done; we run Apache) by grepping through the logs, and it seems the worm hits computers with similar IP addresses first. We were getting hit primarily from addresses that shared the first two octects with our own. (Search for "cmd.exe" requests if you want to check your own server logs.) Install those patches and update those anti-virus defintions, folks. Nimda is nasty.