Hosts File access

Hi,

I'm using Windows 10. I've just started using Bitdefender after using Kaspersky for many years. In the light of the current circumstances I decided to uninstall Kaspersy for obvious reasons.

I am a developer and I need to be able to switch my hosts file at the click of a button. I had written a program to do this and it has been working fine with Kaspersky for years, although I had to explicitly give it rights to change out the hosts file. However, now it seems I am unable to programatically make changes to the hosts file with Bitdefender running.

I am using Bitdefender Total Security. When I've searched for answers to this I've seen instructions to stop scanning of the hosts file by going to: General Settings > Advanced tab > "Scan hosts file" button.

This button is not available in my version of Bitdefender.

I have tried adding the path to the hosts file folder (C:\Windows\System32\drivers\etc) and the path to the hosts file (C:\Windows\System32\drivers\etc\hosts) to exceptions but the program still fails to access the hosts file. I also added my program that manipulates the hosts file to the exceptions.

How can I grant access and allow the software I have written to manipulate the hosts file on my machine?

I can't believe that it is not possibe. It was straight forward with Kaspersky!

I'd be grateful for any suggestions.

Thanks.

Comments

  • Hello, I am also experiencing issues as such. I am very interested in an answer from support.

  • Hello,

    The button has been moved under Protection -> Vulnerabilty:

    Make sure you have the latest update installed, as it was not displayed here on the previous version.

    By default, Bitdefender performs automatic updates when you turn on your computer and every hour after that.

    To manually update the Bitdefender security solution installed on your Windows computer, follow the steps below:

    1. Right-click the Bitdefender icon in the System Tray, and then select the Update Now option from the menu. You can refer to the image below for help if you have difficulties finding the Bitdefender icon in the Windows notification area.
    2. Bitdefender will start checking for product and signature updates.
    3. If new threat definitions or a newer build version are available, they are automatically downloaded and installed on your computer.

    Let us know if the information was helpful.

    Best regards.

    Premium Security & Bitdefender Endpoint Security Tools user

  • User345
    edited March 2022

    Hi @Alexandru_BD

    Thanks for directing me to the "Scan hosts file" option. However, switching this off does not fix my problem. I am still being blocked from programmatically altering the Hosts file. I've tried disabling every option in Bitdefender but there still seems to be a lock on the Hosts file that stops me altering it.

    Is it possible to switch on some sort of advanced real-time logging in BitDefender to actually see why it is being blocked?

    Thanks.

  • Hi,

    I would recommend contacting the Technical Support Teams, as more information might be required to troubleshoot this. You can get in touch with our engineers by choosing one of the contact methods available here:

    https://www.bitdefender.com/consumer/support/

    Stay safe.

    Premium Security & Bitdefender Endpoint Security Tools user

  • Editing the 'hosts' file in Windows (e.g. with Notepad) normally requires 'Administrator' privileges, is this your problem. Or have you set the 'hosts' file to be read only as part of the process of getting Bitdefender not to alter it?

  • I had the exact same problems as the people on this thread. Here are some notes:

    1. Custom lines in the hosts file were getting commented out. Changing Bitdefender's "Scan hosts file" to off fixed it. I wish Bitdefender had an option to store a new "signature" of the valid host file so I can turn the option back on, but it is what it is.
    2. Cannot edit the hosts file directly. And yes...I do have admin access. Instead of busting my brain trying to figure it, I just copy the file out of the etc\directory to a dummy location, edit it, and then copy it back. I of course back it up just in case. On a side note, it's probably better for me to leave the security this way as the file cannot be edited directly. I only modify the file once in a blue-moon anyway.
  • Flexx
    Flexx mod
    edited December 2022

    Can you download and try using the software BlueLife Hosts Editor v1.4 from https://www.sordum.org/8266/bluelifehosts-editor-v1-4/ and see if it is able to add or remove entries from the windows host file.

    If issue persists,

    Generate bitdefender support tool logs (https://www.bitdefender.com/consumer/support/answer/1733/)

    Generate bitdefender connectivity logs (https://www.bitdefender.com/consumer/support/answer/9689/)

    Share the logs & your query with bitdefender support team by dropping them an email at bitsy@bitdefender.com

    The support team will reply back to your query within next 24-48 hours excluding weekends.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Gnarf
    Gnarf
    edited March 2023

    Hey, Unfortunately, it doesn't work that way for me. My host file was already edited. I have only changed the virus software and now I can no longer access my NAS via the names. The IPs work but the names in the host file it does not like. So did you do anything else?

    Thanks a lot.


    EDIT

    Now i got it. As soon as you activate the option "Scan hosts file", your own entries in the host file are commented out. So deactivated! So you have to disable the option and then change the file. The option must then also remain off because as soon as one activates this once again, he comments out the own entries again with a # before the entries.  

    Thanks a lot

  • pkss
    edited June 2023

    Switching off "Scan hosts file" is not the best option for persistently adding user specific addresses/names to the hosts file.

    I want the hosts file to be scanned, I just do not want my user specific lines beeing removed or deactivated.

    So please Bitdefender: Find a way to allow (and preserve) user-specific entries, but still have hosts file scanning active.

  • No antimalware provides this option. Either your host file will be scanned or it will not be scanned. There is no particular method by which only the host file will be scanned by excluding your specific addresses or names or ip.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Well, clearly there should be a way to make a "trusted snapshot" of hosts file and let Bitdefender scan it for changes compared to the snaphot, not "empty" file...

  • Was banging my head against the wall and finally figured out Bitdefender was commenting out host file entries I manually made. Agree with NobodyIsHere - Bitdefender needs to

    a) provide a mechanism to allow host file updates and

    b) PUT IN A COMMENT THAT IT IS RESPONSIBLE FOR COMMENTING OUT ITEMS IN THE HOSTS FILE. Seriously - they've decided to write to the hosts file to make comments, so how hard would it have been to add a comment line saying that BITDEFENDER chose to comment out some entries?

  • Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Hello,

    I came across this post while helping a friend who is having problems with editing hosts files due to Bitdefender protection.

    I just want to provide my testimony about the behavior of a competing antimalware that protect against hosts modifications AND persists user changes (yes it exists): Avira.

    To be able to modify the file manually or by a program (which is the case for me with Docker), you just have to temporarily deactivate the protection, modify the file (or run the program which modifies it) then reactivate it. The changes made are persistent and the file is protected against modifications again (you can open it but can't save it, even as admin).

    As to whether this approach is the same or less effective as protection against malware, I have no idea.

    But if the Bitdefender team finds that it would provide an equivalent level of protection, then I think it could be an interesting improvement. (And if it provides less effective protection, then perhaps offer this option to advanced users as an alternative to how the protection currently works)

  • Chris Ch
    edited April 27

    I'm having the same problem. Recently switched from Avast and it took me a while to figure why this was happening. Starting to regret my switch to Bitdefender.

  • I would like to echo the frustration others have expressed on this thread.

    I have to have an entry in my hosts file to print to my Xerox printer. However Bitdefender modifies the hosts file by inserting a '#' on the last line and then appends the lines discussed at https://www.reddit.com/r/antivirus/comments/1c6ywz8/found_domains_in_my_etchosts_that_i_didnt_add/. This has the bonus effect of breaking my printer, in addition to the unexpected network configuration changes for a VPN I don't use.

    Please honor existing entries in etc/hosts files!

  • Hello and thank you for joining us here.

    I would like to tag @camarie for a more advised opinion. Can you share your thoughts on this topic?

    Thanks!

    Premium Security & Bitdefender Endpoint Security Tools user

  • camarie
    camarie Principal Software Developer BD Staff

    I'm not sure what we are talking about. Is the problem (a) user cannot edit/save hosts file, (b) there is a Bitdefender process that prevents saving (which one?), both? Something else?

    It is true that vulnerability scan perform the scanning of the hosts file, commenting out the IPs or domains that are marked as malware. It does not, however, keep the file opened, nor comments out a line by prefixing with # unless the scan result is not clean, meaning the result of URL scan is fraud, malware, phising, spam, or untrusted.

    Can someone provide an example or such a pair IP-name from hosts file that was wrongly commented, if that is the case ? If privacy is a concern, contact support and open a ticket to avoid posting such informations in a public forum.

    If the saving is not possible and another process (Bitdefender or not) is suspect to prevent the file modification, then a tool such as Process Explorer ( https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer ) and using Find handle or dll… command filtering by hosts or C:\Windows\system32\drivers\etc\hosts to locate if such a process keeps the file opened.

  • Most definitely. For the purpose of accessing a specific server via VPN, I inserted 10.0.0.6 with the server specific address in the hosts file. At every single reboot, this is commented out when hosts scanning is active, thus preventing me from accessing said server. The only way for me to stop that, is to turn off hosts scanning.

    As well, it is impossible to use a StevenBlack/Hosts (see github) file to thwart all the lovely web garbage that BD isn't blocking out.

  • camarie
    camarie Principal Software Developer BD Staff

    Then is better to open a support ticket (if you did so already, please let me know so I can ask directly the guys) so all the information should be available to try to reproduce the behavior.

    Please let me know if you did so, because if you hit a bug I would like it to fix (or at least to come up with an explanation on why this entry is commented).

    Thank you for the informations provided.

  • On your suggestion I opened a ticket, number 1009405120. Thank you!

  • camarie
    camarie Principal Software Developer BD Staff

    Thank you as well. I already noticed the support team to keep me up on this one so we can investigate.