Lobby flagged by Avast anti virus.

"Win32:Dropper-gen [Drp] is a generic detection used by Avast Antivirus and other antivirus products for a file that appears to have trojan-like features or behavior."

"Win32:Dropper-gen [Drp] is a trojan that silently downloads and installs other programs without consent."

"Due to the generic nature of this detection, methods of installation may vary. The Win32:Dropper-gen [Drp] infections may often install themselves by copying their executable to the Windows or Windows system folders, and then modifying the registry to run this file at each system start. Win32:Dropper-gen [Drp]will often modify the following subkey in order to accomplish this:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"

"Files reported as Win32:Dropper-gen [Drp] are not necessarily malicious."

Sounds like it's just detecting that ZKL is installing other programs (IE, Spring). Do we have anything that it installs then runs on startup (maybe itself?).

ZKLobby uses whatever browser is easily incorporable into the .NET framework, which is IE because .NET is made by MS. When you use Mono on Linux, it doesn't do that.

im using also avast, but was not online last night.

maybe, as this problem may affect many users (especially new ones), we should contact avast so they exclude zero-k lobby from the malicious list ? :/

quote: we should contact avast so they exclude zero-k lobby from the malicious list ? :/

yes.
http://www.avast.com/contact-form.php
option: "report false virus in file"