DT has no relation AT ALL with: "Antivirus XP 2008".

So how could DT be involved here?

Please provide URL where you did download DT product with such problems?

Antivirus XP 2008. That's been popping up a LOT lately at work. Also known as Antivirus Vista 2008, Antivirus XP 2009 and WinAntivirus Pro (and possibly others). Fake AV program that riddles your computer with tons of malware, trojans and viruses. Not horribly difficult to remove (others - like Virtumonde - are much harder), but still a big problem for our customers.

As Alco said, there's no way you got that from DTools. I'm 100% certain you wouldn't have got it from any of their sites.

No, I am 100% certain that it came from the download site for daemon tools, the one that's linked as "DOWNLOAD-MIRROR 1: CLICK HERE TO DOWNLOAD IF ABOVE LINK DOES NOT WORK " on this page: - THE DAEMONS HOME

The site (or possibly one of the advertisers on the site) is infected with something that exploits security flaws in old versions of firefox and installs the "Antivirus XP 2008" program.

we just checked the server, all files and looked for exploits,
nada, nothing.

Although we're thankfull if someone points out flaws here, this
becomes more a witch-hunt with non-info.

If you have anything valid to say, please support us with more
info:

browser-version, OS version

also please store the site for deeper investigation that exploited
you - please contact us at: support@daemon-tools.cc

and then we give you instructions how you can submit
the site-sourcecode so we can take a look to it.

Please note that from the several thousand! of downloaders (daily!),
NOONE reported anything. Of course we take every info
serious, but I must point out that its very suspicious that
noone except you detected such behaviour.

So for now lets see what you can submit us - without further
proper info, we're unable to help you

I spent some time uninstalling and reinstalling old versions of firefox and java trying to get it to happen again and I couldn't, so maybe it's been fixed already. (I was on firefox 1.5.0.3, not sure which version of java, but I know I got java updates yesterday also.)

I found a couple other reports that one of their advertisers, clicksor was installing malware through a java exploit: Malicious Advertising - B.I.S.S. Forums and Flash Mystery - B.I.S.S. Forums (it's way down the page, control+f for clicksor)

also, if anybody else gets "antivirus xp 2008", this program gets rid of it: http://download.bleepingcomputer.com...mbam-setup.exe

Well then we will take it VERY seriously and we would contact clicksor about this sh.t!!!

Thanks a lot for bringing this issue to our attention!

as you see, we already reacted and proof the whole issue, if
this is true it WILL have consequences. In no way did we ever
abused our users. As precaution, we already take that adsponsor
down. As you see we play with open cards as we always did.
Anyway, I still hope that you're wrong, it would be indeed sad.

We are aware that every now and then adsponsors on very
respected/serious sites were target of such kind of "attacks".

Therefore our apologies and a big thank you to point us in the
right direction!

We will keep you informed about our results.