The Notebook Review forums were hosted by TechTarget, who shut them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.

    Anyone come across this xrg1.exe, xrg2.exe

    Discussion in 'Security and Anti-Virus Software' started by Full-English, Nov 26, 2008.

  1. Full-English

    I've just been doing a virus scan with Avira and it's come up with xrg1.exe in my sister's user profile.

    Avira reports this:

    Virus or unwanted program 'TR/BHO.Gen [trojan]'
    detected in file 'C:\Users\Claire\AppData\Local\Temp\xrg1.exe.
    Action performed: Move file to quarantine.

    I've gone to the folder it was contained in and there is also an xrg2.exe which Avira hasn't picked up. Anyhow, found this out about it:

    http://www.prevx.com/filenames/103078361981903688-1681525813/XRG1.EXE.html

    Anyone come across this before, anyone maybe know the origin or where it could have been picked up from, i.e. toolbar etc????

    Edit: Used Malwarebytes which picked up a few things, basically, the trojan by the looks of it just dumped 4 shortcuts in the pictures, video, music and documents folder directing to some sites, nothing harmful, plus it got rid of the files and some entries into the registry. Also it put a shortcut into the favourites folder in IE7, for an antispyware program. Hopefully, this has rid it all, but I'm gonna use a couple of other programs to scan the system and see if anything else comes up.
     
  2. Baserk

    Also make sure to check the 'Trusted Domain' settings in Internet Explorer as PrevX warns about in the link you posted.
     
  3. Full-English

    All checked and results are good. I'm pretty baffled as to where it came from though.
     
  4. entropy.cz

    Well, what does virustotal.com say about it? Try to scan the files there to get aliases - other names used by other antivirus vendors... and you'll get more keywords for Google.