Unfortunately, after wiping the drive and doing a fresh install again, it was appears the virus was residing in the MBR or other location on the mobo and entering memory even on DVD boot.. Yes, I ensured it was powered off before booting from DVD.
I pulled the drive out and formatted on a Linux system (destroyed the partition map, put on a new MBR and FAT file system.) Ths resulted in the PC failing to get past POST, it wouldn't even allow going to into BIOS. I yanked the drive, wiped it any data and filesystem, and destroyed the partition map. This allowed the PC to pass POST, but it couldn't boot off known wokring instlalation disks (I verified they worked on another system.)
Now, I'm suspecting that the virus is in the BIOS or another non-volatile memory on the motherboard. However, not leaving things to chance, I put a different drivve in the system with an NTFS file system on it, and now the system can boot off CD and the HD (which subsequently was infected.). It doesn't appeart to be a DVD drive hardware failure...
So, I'm going to remove the battery and power, then using just the power cord, boot off write protected media and flash the bios. If that doesn't work, I guess it's trash the laptop time and chalk it up to life with Windows. I really wish that if SEP did know about this virus that it would have prevented it's infection. Yes, I know a user could override the protection, but the user of the laptop is no slouch when it comes to technology and if SEP popped up and said "DANGER WILL ROBINSON, INFECTION IMMINENT IF YOU PROCEED!!!!" she wouldn't have. Thus, I still believe that a fully updated SEP 11 failed to protect the PC, let's hope that Norton 360 fairs better (I bought her a new laptop in the mean time....)
If I could only convince her to use Linux or a Mac...sigh.
