as another-kop-hero says they're not illegal, but it might be a nice idea to find out how long it's been on your pc and what exactly you've done since it was there, ie. have you bought anything online/logged into online banking/anything like that, and either change passwords or inform your bank, even if just to cover yourself in the event they attempt to buy a ferrari on your debit card (this has happened to me, they didn't try to buy a ferrari, but in total they got £1400 worth of shit from Argos, of all fucking places, and if it wasn't for me being such a predictable fucker in my spending that the bank believed it wasn't me doing it). If you have a firewall chances are it's been blocked from accessing the web and uploading anything from your pc inwhich case there's no need to panic, unless of course you let it go online
You got any clues how it got there?
One way shit like this is being spread is through P2P programs like Kazaa/Limewire etc, never ever open anything, and i mean ANYTHING, from somewhere like without scanning it first, they're not trusted sources and fuckwits the world over infect files and distribute them on places like Kazaa cos they *know* 90% of the people who use it are fairly naive.