It appears that spybot does not completely lock out the hosts file, simply unchecking the read only box or using the attrib -r command on it will unlock it, no protection there, why isn't spybot completely locking it down from removing read-only other than the option in spybot? this is leaving people vulnerable to hosts hijacks by a simple command :sad:

we have talked about the locking of the hosts file before, maybe it helps you:
http://forums.spybot.info/showthread.php?t=33218