W32.Shelp is a worm that propagates by exploiting the Microsoft Windows Local Security Authority Service Remote Buffer Overflow (as described in Microsoft Security Bulletin MS04-011).

Technical details can be found at this Symantec page.