A Japanese indie developer recently recounted the stressful experience of having their game repeatedly flagged as a virus, and gave some helpful information for others who might find themselves in this situation. Their story highlights the power of antivirus software, and how it can prevent developers from distributing games that they poured their heart and soul into.

Shiromofu Factory released their game Dungeon Antiqua back on October 10, 2024. Inspired by the retro charm of early Final Fantasy and Wizardry games, it is a nostalgic dungeon crawler in which you level up your characters by fighting monsters. Playable on both Windows and macOS, it currently has a Very Positive review status on Steam.

Dungeon Antiqua trailer

Post-launch, Shiromofu Factory set about making updates, bug fixes and adding requested features to Dungeon Antiqua. At first it was smooth sailing, but then the December 6 version of the game was released, and users reported that it was triggering virus warnings from antivirus software like Norton, Avast and McAfee. “I went through hell from here on,” recounts the developer in post on note.com, under their username frenchbread.

The dev set about working out what the problem was. Dungeon Antiqua was made using the retro-style game engine Pyxel. This engine uses Python as its programming language and uses Pyinstaller to generate executable files. The developer assumed this was the source of the issue. It seems that virus checkers have a tendency to perceive files generated by Pyinstaller as Trojan viruses, as they behave in a similar way.

As a temporary measure, frenchbread asked users to manually exclude the game .exe file from their antivirus software, so that they would be able to download Dungeon Antiqua. However, on December 12, the dev got a notice from Steam, who had blocked the game from sale because they had received multiple reports of it being a virus.

Frenchbread was able to make their game purchasable again by asking Steam to revert to the previous version for the time being. However, this still left the indie developer stuck in a situation where they would never be able to update their game again.

They then set about the tough task of resolving the problem- purchasing Norton Antivirus so they could test different things out. First of all, they tried building the bootloader themselves, as default bootloaders can seem suspicious to antivirus software. However, unfortunately this didn’t work. Other methods they tried included making reports to antivirus software companies, and looking into buying a code signing certificate to prove that the game file was trustworthy (but this was too expensive).

Getting increasingly stressed out, frenchbread then turned to the code of Dungeon Antiqua itself, looking for any processes that might be perceived as Trojan Horse-like by antivirus software. They subsequently worked out that Python’s “os.remove()” function that they were using to delete local save data files was causing Dungeon Antiqua to be perceived as a virus, and implemented a workaround that didn’t use the “os.remove()” function.

However, even though they now had a version of Dungeon Antiqua that would not be perceived as a virus, the dev’s troubles didn’t end there. They found that the antivirus software “remembered” the URL and file name. So even though Dungeon Antiqua no longer had the code that made it get flagged as a virus, it was still being blocked. They then tried changing the startup.exe file name, but this didn’t work either. The game files were still being perceived as too similar to the initial blocked version.

Dungeon Antiqua file image flip — *The original Dungeon Antiqua file image (left) and the flipped version (right) (Image: Frenchbread on* *note*).

Finally, what ended up working was flipping the fairy image that is the game’s file image 180 degrees. Dungeon Antiqua was able to get the game past the antivirus software and add new updates to their game again.

“This issue was the toughest part of the entire game making process so far (psychologically too),” the developer reveals. “Antivirus software has a lot of power, doesn’t it? It can arbitrarily declare that a product which someone has put their heart and soul into is a virus, and hinder its sale and distribution.”

We have previously reported on other issues facing indie developers including Steam Key scams, programming “traps” occurring in localizations, and how Steam’s return policy harms short games.