Friday, August 29, 2008

Tech: Removing Knight.exe

I bought a new flash drive from OCZ, a beautiful 16GB flash drive. I connected it to a foreign machine and when I put it back into my computer, virus. No big deal: AVG detected the virus and I selected remove. At first I thought it a bit odd because the other machine didn't have access to any network or internet. I should have known better.

The next thing I knew, the flash drive stopped working. When I plugged in the drive I received a "mixed content" popup. The normal choices to open in folder view or to open selected files with a video player had disappeared. I tried accessing the drive from my computer but it simply asked me to choose a program to open the "whole drive" with, as if it was an application.

I stumbled across the directions below to remove "knight.exe", which still didn't give me access to the drive, and since I didn't have access to the drive I couldn't do one of the steps (Step 3b). I realized I might be able to access the drive another way. I opened the drive using izarc as if it were a zip file. I needed to open it directly through izarc's menu. Nothing shows up initially, but if you choose file type>all, you'll see the file autorun.inf. Delete that and you'll be done. I recommend you follow the instructions below in their given order until you get to that step. Paste a comment if this helps.

Note: You may be able to use any program to access the drive through the program's "Open" dialogue, as long as the program has a "show all files" option. To delete, simply right-click the file and select Delete.

These instructions courtesy Precise Security:
1. Temporarily Disable USB Drive to autorun (Windows XP):

a. Open Windows Explorer or press the Windows + “e” key.
b. Right-click the drive of the USB Drive. Then select Properties. Drive Properties will appear.
c. Select the AutoPlay tab.
d. Choose Select an Action to Perform
e. At the bottom of the selection, click Take no Action, then click Apply.
f. Click OK to exit Drive Properties.

2. Show Hidden Files
a. Open Windows Explorer
b. Go to Tools > Options
c. On the View tab, check “Show Hidden Files and Folders” and uncheck “Hide Protected Operating System Files”.

3. Delete the files manually

a. Go to the USB Drive and delete autorun.inf
b. Go to C: Drive and delete autorun.inf
c. Go to C:\Windows and delete Disk Knight.exe

4. Modify Windows Registry
a. Go to Start > Run then type regedit
b. On Registry Editor, go to Edit > Find and type “knight”
c. Delete all entries it found.

5. Connect to Internet and update your AntiVirus

6. Reboot your computer in SafeMode
a. During BootUp process Press F8 continuously until selection appears
b. Use Arrow Up+Down to select SafeMode on the selections menu.
c. Hit Enter to proceed.

7. Scan your computer with an updated AntiVirus and delete all infections it finds.

Note: You may enable autorun of the USB Drive by reversing the process in Step 1.
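
Added example (not part of the original post or of Precise Security's instructions): before deleting autorun.inf in Step 3, this Python script lists the directives in it that tell Windows to launch a program, so you can see which file names to look for afterwards. The sample contents and the file names in it are constructed for illustration, not taken from an infected drive.

```python
"""List the [autorun] directives in an autorun.inf that tell Windows to launch a program."""
import re
import sys

# Keys whose value is a command: open=, shellexecute=, shell\<verb>\command=
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.IGNORECASE)

# Constructed sample for illustration; not copied from a real infected drive.
SAMPLE = r"""
; comment line
[AutoRun]
open=knight.exe
shell\open\command=knight.exe
shell\explore\Command = knight.exe /e
icon=drive.ico
[other]
open=ignored.exe
"""

def read_inf(path):
    """Read autorun.inf as text; the file may be UTF-16 (with BOM) or ANSI."""
    with open(path, "rb") as fh:
        data = fh.read()
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return data.decode("utf-16")
    return data.decode("cp1252", errors="replace")

def launch_directives(text):
    """Return [(key, command)] for each launch directive in the [autorun] section."""
    found, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()  # section names are case-insensitive
            continue
        if section != "autorun" or "=" not in line:
            continue  # only [autorun] entries of the form key=value matter
        key, value = (part.strip() for part in line.split("=", 1))
        if LAUNCH_KEY.match(key) and value:
            found.append((key.lower(), value))
    return found

if __name__ == "__main__":
    text = read_inf(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE
    for key, command in launch_directives(text):
        print(f"{key} -> {command}")
```

Pass the path to the drive's autorun.inf as the first argument; with no argument the script runs on the constructed sample.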
