When refreshing the FTP directory periodically, three .dat files appeared. I have downloaded them and removed them from the FTP server. After starting up bitcoind with them I will report on any addresses they contain that have been seen in the block chain. If they turn out to be your addresses, create a new wallet on a secure machine and spend all of your coins to one of its addresses ASAP.
EDIT: More keep popping up every so often. I am downloading and deleting all that I find.
You might want to also set up something that periodically checks to see if the mal-executable changes. The author may change the destination details.
Yup, already doing that too.