I couldn't get a grip on how the guy at sysinternals' forum not only managed have his BIOS compromised, and on top of that also discovered that the ROM chips on his graphic card was storing a secondary BIOS etc. To me it sounded too science fiction-ish, something that went beyond realistic paranoia. But I'm very interested in this topic! I did the Process Explorer test on a W7 machine at work and got a bunch of parent non-existent processes on it too. What seems strange to me is that a "simpler" tool such as the Process Explorer would manage to find traces of this rootkit(?) but dedicated anti-rootkit tools fail to discover that there are processes in the system that have no parents*. Obviously, the hostile code writers were very sophisticated, why didn't they pay attention to what traces their code would leave on the system via the Process Explorer? * If having no parent really indicates that your system has been compromised by hostile code or rootkit.