False positive when using IP as known bad site redirect

My hosts file uses IP as a redirect for known bad sites to an unresolvable address as a security measure. CIS 2011 Pro scan appears to have picked up each referenced/redirected line in the hosts file as TrojWare.Win32.Qhost.~1459@116242354. Is there a way to prevent this from occurring as this is intended not a virus infection. Complicates the log and makes it more difficult to use the log or clean it up before acting on it’s recommendations.

Hi siliconbayou,

If you prefer to watch the hosts file settings yourself, you can add the files to exclusion list or to trusted files list.


Simple solution, I will see how next scan goes.