Some anti-virus, anti-sypware/malware, and firewall software lock the Windows Hosts file so no one can edit it (by maintaining an open file-handle with no write share permissions on this file).
The file is – C:\Windows\System32\drivers\etc\hosts
The most common Hosts file locker is SpyBot Search & Destroy. Others can be: ZoneAlarm, HostsMan, WinPartol, SpywareBlaster, Ad-Aware, etc.
Try to locate the application(s) that are responsible for this, and turn off the Hosts file lock in their settings (or uninstall/remove the application).
With the Advanced Mode activeTools sectionIE Tweaks sectionUncheck: "Lock hosts file as protection against hijackers"
* To make this change, you might need to start Spybot by right-clicking on it, and selecting ‘Run as admin’.
Firewall - Main - Advanced Button - Advanced SettingsUncheck: "Lock Host File"
* You might also need to disable or configure ZoneAlarm’s OSFirewall.
* It is usually necessary to reboot after these modifications.
Aside from unlocking the Hosts file, you’ll also need to make sure changes to this file are not marked as malicious and then undone – by excluding the Hosts file location from scanning.
On Windows 8, open .
On Windows 7 and lower, open Windows Security Essentials.
Settings - Excluded files and locationsFile locations: (type in...)C:\Windows\System32\drivers\etc\;Click Add, and then Save changes
Settings - Threats & Exclusions - Exclusions - SettingsAdd - Select file or Folder:C:\Windows\System32\drivers\etc\
* This does not always work under Kaspersky… If the Hosts file is still locked or not editable, try turning off Kaspersky to see if it’s the source of the issue.
Application and Device ControlApplication ControlDe-select rule: 'Block modifications to hosts file'
* It might be necessary to reboot after these modifications.
Some firewall, anti-virus, and anti-malware security applications will directly prevent applications and processes such as (and other WAMP server related applications) from changing the Hosts file.
The process these security applications block (from modifying the Windows Hosts file) should be added to their trusted list or exceptions list…
Add Trusted Process: C:\WampDeveloper\WampDeveloper.exe
Kaspersky Application Control:
BitDefender Business:
BitDefender Consumer:
Symantec Endpoint Protection:
There are free tools you can use to find out who/what is locking this file. They will show you which process is maintaining the lock, and you can infer by the process’s name/path what the application is. Then open the application and go through the application’s settings.
Run from the command-line (right click cmd.exe, select ‘Run as admin’):
handle C:\Windows\System32\Drivers\etc\handle C:\Windows\System32\Drivers\etc\hosts
Unlocker (* removed link, seems to have gone with monetizing the website and app with tricking you on clicking “download” ads or installing spyware/crapware; try older “portable” v1.9.0 download at bottom of their page)
1. If you are unable to see this file, change Folder View options to: show hidden files and folders, show known file extensions, and NOT hide protected files.
2. The true HOSTS file path (under all Windows versions) is defined in this Registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath
3. Howto .
4. If you can’t seem to unlock and unblock the Windows Hosts file, or not able to modify or change the Windows Hosts file, you might need to start turning off the different security software and applications on your system to figure out which one is the culprit.