[BUG] Open Claude Desktop and Bit Defender tells me malware has entered my system download-skill_[0126S7qbJMFG8MgX2vmyeRHX-1777218280219.zip
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
very time Claude Code (desktop app) is opened, Bitdefender Total Security immediately detects and quarantines a file in the Windows Temp directory as infected with JS.TeslaCrypt.4.Gen. The file appears to be a skill ZIP package downloaded by the Claude Code skill system at startup.
Steps to Reproduce:
Open the Claude Code desktop application on Windows 11
Bitdefender triggers automatically within seconds of launch
Alert appears on every launch — not a one-time event
Expected Behavior:
Claude Code opens normally without triggering antivirus alerts.
Actual Behavior:
Bitdefender displays the following alert and moves the file to quarantine:
The file C:\Users\randy\AppData\Local\Temp\download-skill_[0126S7qbJMFG8MgX2vmyeRHX-1777218280219.zip is infected with JS.TeslaCrypt.4.Gen and was moved to quarantine.
Environment:
OS: Windows 11 Pro (Build 26200)
Antivirus: Bitdefender Total Security
Application: Claude Code desktop app
Model: claude-sonnet-4-6
What Should Happen?
Help me understand
Error Messages/Logs
The file C:\Users\randy\AppData\Local\Temp\download-skill_0126S7qbJMFG8MgX2vmyeRHX-1777218897377.zip is infected with JS.TeslaCrypt.4.Gen and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean.
Error is constant
Steps to Reproduce
newbie
Claude Model
None
Is this a regression?
Yes, this worked in a previous version
Last Working Version
_No response_
Claude Code Version
most recent desktop
Platform
Anthropic API
Operating System
Windows
Terminal/Shell
PowerShell
Additional Information
_No response_
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗