A faulty update has caused Symantec to incorrectly detect the Zlob Trojan in the legitimate open source Nullsoft Scriptable Install System (NSIS) tool. 

A Symantec spokesman did not immediately return a phone call from vnunet.com seeking additional information.

The false positives appear to be caused by a faulty update of Symantec's antivirus signatures distributed on 1 July. According to user comments, the problem was repaired on 3 July.

The faulty detection caused the antivirus software to remove or quarantine the allegedly infected files. The problems only occurred with version 2.17 of NSIS, not the current version 2.18.

NSIS offers a standard way for software developers to have their products installed on a system. It is used by numerous applications including the WinAmp media player, Kaspersky antivirus software and the game Settlers II. 

Last week's error is the fourth time that Symantec has mislabelled NSIS as spyware, according to an overview on the project's web page.

NSIS gets mislabelled as spyware on a regular basis, and Microsoft tops the list of offenders. The software giant's anti-spyware software has failed to recognise the code on five occasions.