The PC on which the mysterious bouncing box appears is a brand new Compaq.
The bouncing box, which is translucent, is not clickable. It seems to have no purpose other than to exasperate and confuse and encourage victims to “look here”.
A short video of the mysterious bouncing box is here:
Here is a PDF copy of a comparison between two HJT logs – one taken when there was no bouncing window, one when the window was active. You will see there are only a few new processes:
The existence of the additional entries is not conclusive proof that the processes are causing the bouncing window.
There is a picture of the box at the end of this article:
Here is the story of the mysterious box in the words of the PC’s owner – note that despite the steps taken the bouncing box reappeared.
My Wife’s machine had suddenly got a “java coffee cup in a colored box” floating horizontally across her screen continually after some time online. No scans for virii or spyware showed anything, no processes that looked unusual, etc. and it persisted for a few years. It finally disappeared some months ago. I had blamed it on her opening some website with some graphic/media/joke sent by a computer-illiterate friend. Last night I had to eat crow and apologize to my Wife!
I bought a “Black Friday” special (day after US Thanksgiving dealers sell stuff for ridiculous prices), a Compaq Presario SR2039X Media Center 2005 machine for $389.00 (with LCD, printer and free Vista upgrade)! Yesterday I took it out of the box and spent part of the day running Windows and other updates. NOTHING personal on the machine and only AIDA32 added for a baseline inventory, ZoneAlarm and AVG AV added. I did NOT enable Symantec’s integrated protection junk! I just DL’d and installed Adobe Reader 8, walked away and came back to that infamous “java coffee cup in a colored box” floating across the screen! [I don’t know if I had installed ZA and AVG before or after this happened.]
I did look thru Msconfig and Add/Remove Programs and found lots of junk I’d never let near a machine (WeatherBug, Wild Tangent, AOHell, Symantec, RealPlayer, etc.). Late in the day I did go about disabling and then uninstalling this junkware (as well as Java, just in case).”
So, gentle reader, do you have any idea what the mysterious bouncing box may be? Have you seen it before?