Possible Exploit – Rogue plugins.php file

Today I got the “you don’t have permissions to access this page” solely on the plugins list. I cleared it b doing an auto re-install of WP 3.01, but in my /wp-content/plugins directory I found a rogue plugins.php file that is binary starts with ob_start() then gibberish then ends with
<?php $t=gzinflate(ob_get_contents());ob_end_clean();eval($t)

So I can guess elsewhere it inserted this function, and called it to run here? I follow most of the standard security recommendations….

I deleted it and have a copy of this if anyone wants to investigate.