Ok the problem is when he turns it on it gets to the log-in screen then when he logs in it logs off right away. We think it may be a virus so my question is, if we put his hard drive into my machine will it infect mine? Or is this possible? We want to put it into my computer to see if we can run a virus scan or at least retrieve his pictures and documents! 
Assuming you’re talking about a computer with Windows installed, it does sound a bit like a virus, but it would probably be better to try to get it started up on its own - if you try to boot your machine with his HD, it will just run into loads of hardware difiiculties (because the OS will be expecting to find his motherboard, his graphics card etc, not yours) - if you install his HD in your machine as a second drive, you won’t be easily able to diagnose the problem and your own machine may become infected.
Have you tried booting the machine in Safe Mode? (Hold down the <F8> key as the machine starts up and select ‘Safe Mode’ from the menu) - if you get into Windows this way, then click Start>Run and type MSCONFIG - then click on the ‘startup’ tab and let us know what you see listed there.
If Windows if fried, you should at least be able to boot in Safe Mode as Mangetout mentioned. If not, you may be able to boot into DOS and copy the most important files from there to a floppy or a second drive. I had to do that once.
I’d boot your friend’s PC in Safe Mode, then run Stinger on it (download it on your PC and transfer it via floppy). This will detect and remove the most common viruses. It should then allow you to start it up in Normal mode and run a more thorough scan with HouseCall.
It would be helpful if we knew what O/S your friend is running. If it’s something like the Blaster Worm, and they are running XP or 2000, They’ll first need to stop the machine from shutting down, so a scan can be run:
Follow these steps:
Do one of the following:
Windows 2000: Right-click the My Computer icon on the Windows desktop, and then click Manage. The Computer Management window opens.
Windows XP: Click the Start button, right-click the My Computer icon, click Manage. The Computer Management window opens.
In the left pane, double-click Services and Applications, and then select Services. A list of services appears.
In the right pane, locate the Remote Procedure Call (RPC) service.
CAUTION: There is also a service named Remote Procedure Call (RPC) Locator. Do not confuse the two.
Right-click the Remote Procedure Call (RPC) service, and then click Properties.
Click the Recovery tab.
Using the drop-down lists, change First failure, Second failure, and Subsequent failures to “Restart the Service.”
Click Apply, and then click OK.
CAUTION: Make sure that you change these settings back when you have removed the worm.
Blatantly ripped from Symantec
-
-
- DON’T take a Windows hard-drive out of one computer and put it in another different-hardware-configuration computer and try to boot it. Linux can do this trick pretty reliably (re-discovering totally-new hardware) but it is a crapshoot with Windows, and one that you often lose. If you have to try this, then with Windows at the very least you should turn the video settings down to 640x480/16 colors, and software-mode only (hardware accelleration off). Windows will fail to boot if it cannot operate the videocard properly, but may delete the old videocard config without attempting to discover a new one. And when that happens, the OS will no longer boot at all, and so then you have to slave the drive to do anything with it (see below).
-
- The safest-fastest way to “rescue” files off an infected hard-drive is to hook the hard-drive to another computer as a slave disk, and then scan the individual files you want to rescue for viruses before moving them to the rescue-computer’s hard drive. This is practically necessary if you have lots of big files to save. The infected slave drive will not “automatically” infect the master drive–viruses and trojans and whatnot run automatically by being listed in the infected computer’s registry, and the registry on the slave drive isn’t the one that the rescue PC is using.
- You can even try running a virus scan/removal on the infected drive, but only do this after you have copied any files you want saved off–as it may break the registry/OS of the infected drive to the point that when you put it back into its computer again and try to boot from it, it will really get fuxored–but it’s worth a shot, I have seen it work now and then.
~
Ok both computers are Win XP, and I was planning on running it as a slave drive. Thanks for the replies!