Old 27-05-2010, 23:45   #6
Web-Junkie
Re: Is this a new Virus/Rootkit I have?

OK zing, I think it's a false alarm!

Ran HijackThis and couldn't see anything suspicious in the list it generated, so I downloaded Unlocker 1.8.9 and used it to see what was attached to InfectDirectx.dll and got these 2 files:

ImperoRemoteControlServer.exe
Marker.exe

These are two programs that run anyway on our laptops.

ImperoRemoteControlServer.exe is from Impero, a program that remotely monitors a PC/Laptop and can take full control of it or lock out anybody/thing the controller wants. It's installed as a client/server, so those files are exactly like spyware/malware and do in fact take remote control of a computer as it's supposed to, but in this case legit!

Marker.exe is part of SMARTBoard software for Interactive Whiteboards so you can attach a PC/Laptop to a projector and use the Interactive board like a touchscreen to control your PC/Laptop!

Impero creates these files when run:
Quiksnk.sys
MaskMessage.dll
InfectDirectx.dll

Not sure where TrapKey.dll comes into it, as it's attached to Winlogon.exe, which is a valid file with a digital cert attached, but I'd guess it's also part of Impero so it traps ALT+CTRL+DEL!!

So I think after running Malwarebytes, Sophos and HijackThis and not finding anything remotely (no pun intended) suspicious I think I can safely say this is NOT a rootkit/virus!!

Bit of a letdown in the end, hoped I'd found something new and be the first to say I'd got it.