Home » How-To » How to Fix “Behavior:Win32/Hive.ZY” on Windows

How to Fix “Behavior:Win32/Hive.ZY” on Windows

Are you getting a “Behavior:Win32/Hive.ZY” error message on Windows?

Here are the details, “A threat or app was removed from this device”.

“This program is dangerous and executes commands from an attacker”.

“Affected items: behavior: pid:25924:74439979291537.

It says that the threat is blocked and that its status is “Severe”.

In this guide, you’ll learn what is the “Behavior:Win32/Hive.ZY” threat on Windows Defender and how to fix it.

What is Behavior:Win32/Hive.ZY?


Behavior:Win32/Hive.ZY is a bug that is caused by the latest Microsoft Defender Antivirus update.

If you’re getting the threat, don’t worry, because it’s not an actual virus.

Thousands of users are reporting the error on forums like Reddit and the Microsoft Community.

Here’s what Apptils Horray said, “Every time I open any chromium-based program, Windows Defender notifies me that it’s found and removed the win32/hive.zy malware”.

Here’s a post by u/tooshiftyforyou on Reddit, “A few minutes ago, I got a “threat detected” from Windows Defender for “Behavior:Win32/Hive.ZY”. The notification quickly disappeared and it said that the threat had been taken care of”.

“20 seconds later the same threat notification popped up again”.

The post got over 1,600 upvotes in less than 9 hours and has more than 900 comments.

Apparently, the error message happens every time you open Chrome, Discord, Spotify, etc.

Don’t panic because it’s a bug with Electron-based or Chromium-based applications.

This is because there is a false entry in the Windows Defender antivirus’ database.

How to fix “Behavior:Win32/Hive.ZY” on Windows

To fix “Behavior:Win32/Hive.ZY” on Windows, you need to wait for a new Microsoft Defender Antivirus update.

According to DaveM121, an Independent Advisor for the Microsoft Community, the threat is caused by the latest Microsoft Defender update.

The update is KB2267602 (Version 1.373.1508.0).

The threat is a false positive and it’s a bug that’s reported by thousands of people worldwide.

Windows Defender Behavior threat bug

Currently, the Microsoft Defender Team is investigating the bug and they will release a patch for it soon.

In the meantime, you shouldn’t click “Allow a threat” through Defender.

Updating Chrome or Edge will not fix the issue, so don’t bother trying.

It’s just a bug on Microsoft’s end, and it affects more than just Chromium-based apps.

It triggers when you open other apps like Windows Settings.

For now, you need to wait until Microsoft fixes the bug and releases a follow-up update for Microsoft Defender.

Update: A fix has been released (Version: 1.373.1537.0), please “select Check for updates” in the “Windows Security Virus & threat protection” screen.

Further reading

How to Fix Error Code 46 in Valorant

How to Fix KB5016691 Update Not Installing on Windows 11

400+ Funny, Cool, And Best Gaming Names

About the author

Lim How Wei

Lim How Wei is the founder of followchain.org, with 8+ years of experience in Social Media Marketing and 4+ years of experience as an active investor in stocks and cryptocurrencies. He has researched, tested, and written thousands of articles ranging from social media platforms to messaging apps.

Lim has been quoted and referenced by major publications and media companies like WikiHow, Fast Company, HuffPost, Vice, New York Post, The Conversation, and many others. One of his articles about the gig economy was quoted by Joe Rogan who hosts The Joe Rogan Experience (arguably the most popular podcast in the world), in the This Past Weekend podcast by Theo Von.

In his free time, Lim plays multiple games like Genshin Impact, League of Legends, Counter-Strike, Hearthstone, RuneScape, and many others. He creates guides, walkthroughs, solutions, and more on games that he plays to help other players with their progression.