these two files are not part of the twentyfourteen and twentyeleven theme. this is a well known issue called CryptoPHP backdoor infection which creates files on server with random filenames. you just need to delete those files and you will be safe again.
Brilliant. Thanks for your speedy help