Unlock and Unblock the Windows Hosts File

Posted: 2013-12-11 19:29:40

Some anti-virus, anti-sypware/malware, and firewall software lock the Windows Hosts file so no one can edit it (by maintaining an open file-handle with no write share permissions on this file).

The file is –

The most common Hosts file locker is SpyBot Search & Destroy. Others can be: ZoneAlarm, HostsMan, WinPartol, SpywareBlaster, Ad-Aware, etc.

Try to locate the application(s) that are responsible for this, and turn off the Hosts file lock in their settings (or uninstall/remove the application).

Unlock the Windows Hosts File

Spybot S&D

With the Advanced Mode active
Tools section
IE Tweaks section
Uncheck: "Lock hosts file as protection against hijackers"

* To make this change, you might need to start Spybot by right-clicking on it, and selecting ‘Run as admin’.


Firewall - Main - Advanced Button - Advanced Settings
Uncheck: "Lock Host File"

* You might also need to disable or configure ZoneAlarm’s OSFirewall.

* It is usually necessary to reboot after these modifications.

Exclude the Windows Hosts File From Scans

Aside from unlocking the Hosts file, you’ll also need to make sure changes to this file are not marked as malicious and then undone – by excluding the Hosts file location from scanning.

Windows Defender & Windows Security Essentials

On Windows 8, open Windows Defender.

On Windows 7 and lower, open Windows Security Essentials.

Settings - Excluded files and locations
File locations: (type in...)
Click Add, and then Save changes


Settings - Threats & Exclusions - Exclusions - Settings
Add - Select file or Folder:

* This does not always work under Kaspersky… If the Hosts file is still locked or not editable, try turning off Kaspersky to see if it’s the source of the issue.


Application and Device Control
Application Control
De-select rule: 'Block modifications to hosts file'

* It might be necessary to reboot after these modifications.

Allow Applications To Modify the Windows Hosts File

Some firewall, anti-virus, and anti-malware security applications will directly prevent applications and processes such as WampDeveloper Pro (and other WAMP server related applications) from changing the Hosts file.

The process these security applications block (from modifying the Windows Hosts file) should be added to their trusted list or exceptions list…

Add Trusted Process:

Kaspersky Application Control:
How to configure application rules and other resources protection in Kaspersky Internet Security 2014

BitDefender Business:
How to add application or process exclusions in Bitdefender Control Center

BitDefender Consumer:
How to add exceptions

Symantec Endpoint Protection:
Creating an DNS or Host File Change Exception in Symantec Endpoint Protection Manager 12.1 RU1 MP1 and above

File and Folder Lock Finders

There are free tools you can use to find out who/what is locking this file. They will show you which process is maintaining the lock, and you can infer by the process’s name/path what the application is. Then open the application and go through the application’s settings.

Run from the command-line (right click cmd.exe, select ‘Run as admin’):

handle C:\Windows\System32\Drivers\etc\
handle C:\Windows\System32\Drivers\etc\hosts

Lock Hunter

Windows Sysinternals Process Explorer

Unlocker (* removed link, seems to have gone with monetizing the website and app with tricking you on clicking “download” ads or installing spyware/crapware; try older “portable” v1.9.0 download at bottom of their page)


1. If you are unable to see this file, change Folder View options to: show hidden files and folders, show known file extensions, and NOT hide protected files.

2. The true HOSTS file path (under all Windows versions) is defined in this Registry key:

3. Howto reset the Hosts file to it’s original default state.

4. If you can’t seem to unlock and unblock the Windows Hosts file, or not able to modify or change the Windows Hosts file, you might need to start turning off the different security software and applications on your system to figure out which one is the culprit.