NIS 2011 ran a automatic scheduled full scan during the night.

Now, 13 hours later, I found two files in the root of the drive 10kb one and 9 kb the other, no extensions, one of them with the name

{84C271C8-F8EC-4120-80BB-619EB880F285}

I opened them in Notepad, they were full of Chinese characters. Using Google translate it turned out this was mostly some nonsensical phrases in Chinese..

Is it possible that the scanner left some tmp files in the root of the drive and forgot to delete them?

The only things running during that time were uTorrent, the Full Scan (which found nothing except tracking cookies) and the Windows Diagnostic Scripting Host, which turns me to the next question - the scan triggers a Radar Pre Leak event. I suppose this is expected?

Log Name:      Application

Source:        Windows Error Reporting

Date:          19. 9. 2010. 3:59:01 AM

Event ID:      1001

Task Category: None

Level:         Information

Keywords:      Classic

User:          N/A

Computer:      ****

Description:

Fault bucket 1291104107, type 5

Event Name: RADAR_PRE_LEAK_32

Response: Not available

Cab Id: 0

Problem signature:

P1: ccSvcHst.exe

P2: 10.0.1.8

P3: 6.1.7600.2.0.0

P4: 

P5: 

P6: 

P7: 

P8: 

P9: 

P10: 

Attached files:

C:\Users\*******\AppData\Local\Temp\RDR7224.tmp\empty.txt

These files may be available here:

Analysis symbol: 

Rechecking for solution: 0

Report Id: 76914216-c391-11df-95d2-9c54eba74a7c

Report Status: 0

The files were generated 7 minutes after this event, the Full Scan finished 20 minutes after this event. It began at 3:53 AM.