For several days, many users have been reporting that Windows Defender detects a strange threat named “Behavior:Win32/Hive.ZY”. The threat, labeled “serious,” reappears about every 20 seconds, as if Windows Defender had failed to remove the malware. After numerous reports on the Microsoft forums, the company’s engineers looked into the problem.
It quickly turned out that the “Behavior:Win32/Hive.ZY” detection was a false positive. After analysis, the engineers found that a bug in the definitions database was causing the false detection. The alert only seems to appear for users who run applications based on the Electron framework or built with Chromium (WhatsApp, Spotify, Discord…).
Windows Defender: Behavior:Win32/Hive.ZY threat is actually a false positive
Note first that “Behavior:Win32/Hive.ZY” is a generic name for any suspicious behavior: it is the alert that appears when Windows Defender detects a threat by analyzing the behavior of suspicious programs. The alert appeared after definitions update 1.373.1508.0 (KB2267602).
Windows Defender is usually a rather good antivirus on Windows, although alternative antiviruses often offer more precise detection, with less impact on performance. Bitdefender, Norton or McAfee are the most popular antiviruses on Windows.
The fix was expected to take some time, because the company’s engineering teams are short-staffed over the summer holidays. The Microsoft teams nevertheless responded quickly: a patch is already available, and if you no longer see the alert, it has probably been installed automatically on your machine.
If the patch has not been installed yet, you can force the update. To do this, open Windows Security and check for a definition update. The patched database has version number 1.373.1537.0.
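
The same check can be done from PowerShell. The following is an added example, not part of the original article: it compares the installed definitions with the two version numbers quoted above, forces an update if needed, and counts how often the detection was logged. It assumes that every definitions build from 1.373.1508.0 up to, but not including, 1.373.1537.0 is affected, and that the detections are recorded under Defender event IDs 1015 or 1116.

```powershell
# Added example. The two version numbers and the threat name come from the article.
$Introduced = [version]'1.373.1508.0'   # definitions update after which the alert appeared
$Fixed      = [version]'1.373.1537.0'   # patched definitions
$ThreatName = 'Behavior:Win32/Hive.ZY'

function Get-DefinitionState {
    param([version]$Installed)
    # Assumption: all builds in [$Introduced, $Fixed) carry the faulty definition.
    if     ($Installed -ge $Fixed)      { 'Patched' }
    elseif ($Installed -ge $Introduced) { 'Affected' }
    else                                { 'Older' }
}

# Read the definitions version currently loaded by Defender.
$installed = [version](Get-MpComputerStatus).AntivirusSignatureVersion
$state     = Get-DefinitionState -Installed $installed
"Installed definitions: $installed ($state)"

if ($state -ne 'Patched') {
    # Same action as checking for a definition update in Windows Security.
    Update-MpSignature
    $installed = [version](Get-MpComputerStatus).AntivirusSignatureVersion
    "After update: $installed ($(Get-DefinitionState -Installed $installed))"
}

# Count logged detections of this name in the Defender operational log.
# 1015 = suspicious behavior detected, 1116 = malware detected.
$hits = Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1015, 1116
} -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -like "*$ThreatName*" }

"Logged detections of ${ThreatName}: $(@($hits).Count)"
if ($hits) {
    # The newest event should predate the definitions update if the fix worked.
    "Most recent detection: $(($hits | Sort-Object TimeCreated)[-1].TimeCreated)"
}
```

Run it from an elevated PowerShell session; if the most recent detection is later than the update to the patched definitions, the alert is not explained by this false positive and deserves a normal investigation.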