El anti netzeek igual se consigue, y es por eso que al ver el code se nota que te faltan varias cosas por hacer
' Script to remove netzeek MSN worm/trojan. 29.10.2008
' Written by Kye of the SA-MP team - team@sa-mp.com
'
Const HKEY_CURRENT_USER = &H80000001
Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
intFoundVirus = 0
' Get the Windows folder locations
Dim objFSO, strWindowsFolder, x
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set WshShell = WScript.CreateObject("WScript.Shell")
strWindowsFolder = objFSO.GetSpecialFolder(0)
strSystemFolder = objFSO.GetSpecialFolder(1)
Dim arrVirusFiles(7)
arrVirusFiles(0) = strWindowsFolder & "\csrss.exe"
arrVirusFiles(1) = strWindowsFolder & "\services.exe"
arrVirusFiles(2) = strWindowsFolder & "\winlogon.exe"
arrVirusFiles(3) = strSystemFolder & "\drivers\lsass.exe"
arrVirusFiles(4) = strSystemFolder & "\drivers\smss.exe"
arrVirusFiles(5) = strSystemFolder & "\drivers\spoolsv.exe"
arrVirusFiles(6) = strSystemFolder & "\drivers\ctfmon.exe"
arrVirusFiles(7) = strWindowsFolder & "\ctfmon.exe"
' Go ahead and kill those processes if we find them
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colProcesses = objWMIService.ExecQuery("select * from win32_process")
For Each objProcess in colProcesses
' check if this process is a bady
If Len(objProcess.ExecutablePath) > 0 Then
x = 0
While(x <= UBound(arrVirusFiles))
'Wscript.Echo "Comparing: " & objProcess.ExecutablePath & ":" & arrVirusFiles(x)
If (StrComp(objProcess.ExecutablePath, arrVirusFiles(x), vbTextCompare) = 0) Then
objProcess.Terminate
'Wscript.Echo "I killed " & objProcess.ExecutablePath
intFoundVirus = 1
End If
x = x + 1
Wend
End If
Next
' Now remove those registry keys
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
oReg.DeleteValue HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\Run", "Windows Update"
oReg.DeleteValue HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\Run", "Windows"
oReg.DeleteValue HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\Run", "Windows Run Service"
oReg.DeleteValue HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\RunOnce", "System"
oReg.DeleteValue HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\RunOnce", "System Update"
oReg.DeleteValue HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\RunOnce", "System Run"
oReg.DeleteValue HKEY_CURRENT_USER, "Software\Microsoft\Windows\CurrentVersion\RunOnce", "CTFMON"
oReg.DeleteValue HKEY_LOCAL_MACHINE, "Software\Microsoft\Windows\CurrentVersion\Run", "Windows Update"
oReg.DeleteValue HKEY_LOCAL_MACHINE, "Software\Microsoft\Windows\CurrentVersion\Run", "Windows"
oReg.DeleteValue HKEY_LOCAL_MACHINE, "Software\Microsoft\Windows\CurrentVersion\Run", "Windows Run Service"
oReg.DeleteValue HKEY_LOCAL_MACHINE, "Software\Microsoft\Windows\CurrentVersion\RunOnce", "System"
oReg.DeleteValue HKEY_LOCAL_MACHINE, "Software\Microsoft\Windows\CurrentVersion\RunOnce", "System Update"
oReg.DeleteValue HKEY_LOCAL_MACHINE, "Software\Microsoft\Windows\CurrentVersion\RunOnce", "System Run"
oReg.DeleteValue HKEY_LOCAL_MACHINE, "Software\Microsoft\Windows\CurrentVersion\RunOnce", "CTFMON"
' Now delete the virus files
x = 0
While(x < UBound(arrVirusFiles))
If objFSO.FileExists(arrVirusFiles(x)) Then
objFSO.DeleteFile(arrVirusFiles(x))
'Wscript.Echo "I deleted " & arrVirusFiles(x)
End If
x = x + 1
Wend
If intFoundVirus = 1 Then
Wscript.Echo "Netzeek MSN virus is deleted." & vbCrlf & "Restart your computer."
Else
Wscript.Echo "Netzeek virus not found. Nothing was done."
End if
Con respecto a tu code, cambiar ...
unidad = inputbox("Cual es tu principal unidad de disco duro" & vbNewLine & "Por ejemplo: C:\, D:\, E:\...","Seleccione su unidad","")
Por
...
unidad = whs.ExpandEnvironmentStrings("%SystemDrive%")
Saludos