Last night clam v 98 found Win.Trojan.Vilsel-4222 in the old .exe install file for Clamwin 0.98. I assumed it was a false positive.

Today I downloaded v98.1 from sourceforge... and when I scanned the install file before executing it, clamwin reports it also is infected with the same trojan.

Is this a false positive?
Is clamwin being infected at the server?
Is this an NSA intercept?

Is there something wrong with sourceforge? I notice the latest version there is 98.1 but the latest version on the clamav.net is 98.3... should be ignore sourceforge and just go with clamav.net?

Anything is possible where the web it concerned, but I doubt if there is an infection at the SourceForge servers, and I doubt that the NSA is interested in ClamWin. So that leaves a probable false positive. If you still have the downloaded file, upload it to Jotti or VirusTotal and see what multiple scanners say. I like to see at least 2 of these AVs verify something: Avira AntiVir, Bitdefender, Eset Nod32, Kaspersky, and Sophos.

You should always use the most recent version of ClamWin, which is currently 98.1. Clam AV issued a release candidate .98.4 bug fix shortly after they released version 98.3, so the ClamWin developers decided to wait until the bugs are fixed to get a port for ClamWin

Thank you for using ClamWin.

Regards,