I have just deep scan 2 of my 3 machines, Thorough, packers, all files etc... and they have shown completely clean with exception of the Ghost files.
As I have already stated absolutely none of my machine have EVER report this infection. The theory that it must have been cleaned prior to the ghost file creations and must exist in a cluster somewhere does not make sense as nothing have ever cleaned this virus off the machines and it only appears to exist in the ghost images taken, one of which was taken a day or two ago.
If someone wants to tell me how I can blank out unused clusters then I will and then take another ghost, I am willing to bet that the ghost image will still scan as infected for 2 reasons.
1) The machines have NEVER been found to be infected so therefore could not have been cleaned leaving behind unused clusters with the signature.
2) Ghost 2003 from what I have read does NOT copy unused clusters to a backup image file.
I would therefore strongly suggest that the signature that Avast is using for this virus is producing false positives.
Do I sound a little aggrevated, too right as I have wasted 2 valuable days of my vacation trying to get to the bottom of an infection I firmly belive does not and has not ever existed on my network.
Baz