In WP version 2.6, the two themes distributed with the WordPress package were named "classic" and "default". So at this path in an installation of 2.6 - /wordpress/wp-content/themes - you would probably find:
The custom theme was most likely someone's effort at making a unique theme for their site. One could only guess the origin of the ".php.bogus" files, but in doing so, it might be something as simple as someone renaming some original theme files with a ".bogus" extension - much as you might use the ".bak" extension - while using copies of the originals to modify.
Another explanation could be that the site has fallen victim to one of the known vulnerabilities present in that version of WordPress (or issues with the hosting account itself), and has been compromised.
Of course, everything I suggested is pure guesswork on my part without first hand knowledge of the site.