Fix: Windows Defender Behavior:Win32/Hive.ZY

Windows Defender Behavior

Many users reported that Windows Defender, the Microsoft built-in antivirus program, has identified any chromium based programs like Google Chrome, Chromium Edge, Discord, and many other programs as having “Behavior:Win32/Hive.ZY” malware.

According to a Reddit user,  “He got a “threat detected” from windows defender for “Behavior:Win32/Hive.ZY”. the notification quickly disappeared and it said that the threat had been taken care of. then 20 seconds later the same threat notification popped up again, and then went away. “

“Panicked and shut off and completely unplugged my PC. i have no idea what this is, what do i do, scared to turn on PC.”

Peoples are getting “Behavior:Win32/Hive.ZY” error message in Windows.

The full error details include:

“A threat or app was removed from this device”

“This program is dangerous and executes commands from an attacker”

“This program is dangerous and executes commands from an attacker”

“Affected items: behavior: pid:25924:74439979291537”

Windows Defender Behavior Win32:Hive.ZY

What Is Windows Defender Behavior:Win32/Hive.ZY?

According to Microsoft, Microsoft Defender Antivirus detects this threat.

This generic detection for suspicious behaviors is designed to catch potentially malicious files.

If you downloaded a file or received it through email, ensure that it is from a reliable source before opening it.

But Recently, Behavior:Win32/Hive.ZY is bug or glitch which is caused by latest update of Microsoft Defender Antivirus.

Microsoft conformed that Behavior:Win32/Hive.ZY is Microsoft Defender False Positive.

A Reddit user wrote, “Defender’s database probably sees Electron-based or Chromium-based applications as Malware because there is an entry in the Virus DBs No need to freak out it will be patched soon.”

How To Fix Windows Defender Behavior:Win32/Hive.ZY?

According to Independent Advisor in Microsoft discussion forum,

“This does seem to be a false positive, it is a bug currently being reported by hundreds of people at the moment, it seems to be related to all Chromium based web browsers and Electron based apps like Whatsapp, Discord, Spotify…etc.”

“This is an evolving situation with no official word from Microsoft yet, but seems to be caused by Security Intelligence Update for Microsoft Defender Antivirus – KB2267602 (Version 1.373.1508.0)”

Update, on Twitter I see that Microsoft are aware of this and hopefully will solve it soon.

UPDATE: indications from a Microsoft Agent is a fix has been released (Version: 1.373.1537.0)

In Windows 10, select Check for updates in the Windows Security Virus & threat protection screen to check for the latest updates.

Offline installers available on these links:

64bit download:

https://go.microsoft.com/fwlink/?LinkID=121721&arch=x64

32bit Download:

https://go.microsoft.com/fwlink/?LinkID=121721&arch=x86

Fix --- Windows Defender Behavior Win32:Hive.ZY

Simply, To Fix Windows Defender Behavior:Win32/Hive.ZY false positive, check for update  in the Windows Security Virus & threat protection screen. if update is available , Update Windows Defender with latest version. This will fix your issue and Error Behavior:Win32/Hive.ZY will be resolved.

Also Read: Fix: Google Voice Search Not Working On Windows