They are Unix/Linux commands, ignore them if you don’t have access to a *nix command line. Winmerge will do the job for you just as well.
It always helps to use:
ls /dir-of-your-wordpress-install/ |xargs md5sum
ls /dir-of-a-default-wordpress-install/ |xargs md5sum
Compare the hashes and any file not matching will most likely have your ‘malicious’ code.
I’m not in front of a (*nix) box at the moment but i’m sure someone here who is can combine the above two and just pump out the hashes that don’t match.
This is one way of doing things,
Jason
