post 11. I can't follow much of what is displayed but enough of it sure looks like logfiles and database table information is modified. I distinctly see some SQL code included. I would have to agree with that person's last paragraph. This stuff was designed for espionage. The malware literally creates then populates table structures with what I don't know.
There are multiple items coming out of all of this.
First the rootkit-temhider.
That seems to be an exposure thru the various Windows up to and including Windows7.
Lot's of people use those little flash USB things.
Then the idea that a lot on the Industrial Control companies ala Siemens use hardcoded passwords in their SCADA is really scary....
I imagine we have some of that over here.