VB实现“木马”式隐形运行程序

程序隐形的原理
　　对于一个隐形程序而言，最基本的要求是：
　　1. 不在桌面出现界面；
　　2. 不在任务栏出现图标；
　　3. 程序名从任务管理器名单中消失。
Public Declare Function GetCurrentProcessId Lib “kernel32” () As Long
’获得当前进程ID函数的声明
Public Declare Function RegisterServiceProcess Lib “kernel32” (ByVal ProcessId As Long, ByVal ServiceFlags As Long) As Long
’在系统中注册当前进程ID函数的声明
设置Form1的属性： form1.Visible=False
form1.ShowInTaskBar=False
Private Declare Function GetDriveType Lib “kernel32” Alias “GetDriveTypeA” (ByVal nDrive As String) As Long
’获得当前驱动器类型函数的声明
Private Declare Function GetVolumeInformation Lib “kernel32” Alias “GetVolumeInformationA” (ByVal lpRootPathName As String, ByVal lpVolumeNameBuffer As String, ByVal nVolumeNameSize As Long, lpVolumeSerialNumber As Long, lpMaximumComponentLength As Long, lpFileSystemFlags As Long, ByVal lpFileSystemNameBuffer As String, ByVal nFileSystemNameSize As Long) As Long
’获得当前驱动器信息函数的声明
Private Sub Form_Load()
Dim drive_no As Long, drive_flag As Long
Dim drive_chr As String, drive_disk As String
Dim serial_no As Long, kkk As Long
Dim stemp3 As String, dflag As Boolean
Dim strlabel As String, strtype As String，strc As Long
RegisterServiceProcess GetCurrentProcessId, 1 ’ 从系统中取消当前进程
strlabel = String(255, Chr(0))
strtype = String(255, Chr(0))
stemp3 = “172498135” ’这是作者C盘的序列号（十进制）,读者可根据自己情况更改。
dflag = False
For drive_no = 0 To 25
　drive_disk = Chr(drive_no + 67)
　drive_chr = drive_disk & “:\”
　drive_flag = GetDriveType(drive_chr)
　If drive_flag = 3 Then
　　 kkk = GetVolumeInformation(drive_chr, strlabel, Len(strlabel), serial_no, 0, 0, strtype, Len(strtype)) ’通过GetVolumeInformation获得磁盘序列号
　Select Case drive_no