It is called the "911" worm because shortly before erasing the user's entire hard drive it uses the system's modem to dial 911, producing a large number of "false positive" emergency calls. It is also referred to by the names "chode", "foreskin", and "dickhair" because it creates those three hidden directories. I apologize for having to list those specific names (clearly the authors are not very mature), but the way one sees whether one has this "virus"/"worm" is to search for those directory names.
I believe this is a valid report. It appears to be a "worm" that searches through a range of IP addresses of known ISPs to find an accessible computer. If an accessible computer has its C drive shared, it will copy its files into the other computer, rather than being distributed through email or via a program which is downloaded. This means it is not a true virus, but it still is something serious.
I note that for it to be distributed it has to find a C Drive shared on the internet. This would seem to me to indicate that if one has used Steve Gibson's Shields Up to make sure you don't have any open ports, you should be safe, and certainly if you have the Zone Alarm Firewall you should be safe, and Steve Gibson even has a page discussing this virus and how to remove it.
Previous TCS Virus Alerts: