Revo Uninstaller Pro 个性化DIY两则：

冥界3大法王 · 发表于 2020-3-31 18:28

本帖最后由冥界3大法王于 2020-3-31 18:38 编辑

从网上下载一个新版本的，楼主比较懒就用老的Patch 吧，结果发现启动时又让我【注册】！说明补丁的不够完整。
右上角【有个10-1订阅过期字样】
打开关于也有一个【 10-1订阅过期字样】
每次右击卸载，总得活人点一次【跳过备份】字样
接下来，我们抄起手术刀x64dbg就开始解决上面的问题了。

已知：它会调用.lic文件，所以字符串搜索，全部下断

15227 就是常量的3B7B
16115。。。。。 3EF3

另外那个就不截图了

接下来运行程序，前2处断在这里！

[Asm] 纯文本查看 复制代码

000000014024DB1D | 48:8D15 6CC06C00        | lea rdx,qword ptr ds:[140919B90]      | 0000000140919B90:L"LicProtector.LicProtectorEXE510"
000000014024DB24 | 48:8D4C24 50            | lea rcx,qword ptr ss:[rsp+50]         |
000000014024DB29 | E8 F6F40400             | call <revouninpro.sub_14029D024>      |
000000014024DB2E | 85C0                    | test eax,eax                          |
000000014024DB30 | 0F85 36010000           | jne revouninpro.14024DC6C             |
000000014024DB36 | 33D2                    | xor edx,edx                           |
000000014024DB38 | 49:8B8D 88020000        | mov rcx,qword ptr ds:[r13+288]        |
000000014024DB3F | E8 40D90200             | call revouninpro.14027B484            |
000000014024DB44 | 48:8D8C24 98000000      | lea rcx,qword ptr ss:[rsp+98]         |
000000014024DB4C | E8 FF86FEFF             | call <revouninpro.sub_140236250>      |
000000014024DB51 | 90                      | nop                                   |
000000014024DB52 | 48:8D15 17C06C00        | lea rdx,qword ptr ds:[140919B70]      | 0000000140919B70:L"\\reg_lp.bat"
000000014024DB59 | 48:83CE FF              | or rsi,FFFFFFFFFFFFFFFF               |
000000014024DB5D | 48:8BC6                 | mov rax,rsi                           |
000000014024DB60 | 48:FFC0                 | inc rax                               |
000000014024DB63 | 66:833C42 00            | cmp word ptr ds:[rdx+rax*2],0         |
000000014024DB68 | 75 F6                   | jne revouninpro.14024DB60             |
000000014024DB6A | 44:8BC0                 | mov r8d,eax                           |
000000014024DB6D | 48:8D8C24 98000000      | lea rcx,qword ptr ss:[rsp+98]         |
000000014024DB75 | E8 D66FDCFF             | call <revouninpro.sub_140014B50>      |
000000014024DB7A | 45:33E4                 | xor r12d,r12d                         |
000000014024DB7D | 44:896424 28            | mov dword ptr ss:[rsp+28],r12d        |
000000014024DB82 | 4C:896424 20            | mov qword ptr ss:[rsp+20],r12         |
000000014024DB87 | 45:33C9                 | xor r9d,r9d                           |
000000014024DB8A | 4C:8B8424 98000000      | mov r8,qword ptr ss:[rsp+98]          |
000000014024DB92 | 48:8D15 3F006900        | lea rdx,qword ptr ds:[1408DDBD8]      | 00000001408DDBD8:L"open"
000000014024DB99 | 33C9                    | xor ecx,ecx                           |
000000014024DB9B | FF15 C7045600           | call qword ptr ds:[<&ShellExecuteW>]  |
000000014024DBA1 | B9 E8030000             | mov ecx,3E8                           |
000000014024DBA6 | FF15 2C005600           | call qword ptr ds:[<&Sleep>]          |
000000014024DBAC | 45:33C0                 | xor r8d,r8d                           |
000000014024DBAF | 48:8D15 DABF6C00        | lea rdx,qword ptr ds:[140919B90]      | 0000000140919B90:L"LicProtector.LicProtectorEXE510"
000000014024DBB6 | 48:8D4C24 50            | lea rcx,qword ptr ss:[rsp+50]         |
000000014024DBBB | E8 64F40400             | call <revouninpro.sub_14029D024>      |
000000014024DBC0 | 85C0                    | test eax,eax                          |
000000014024DBC2 | 0F85 81000000           | jne revouninpro.14024DC49             |
000000014024DBC8 | 45:33C0                 | xor r8d,r8d                           |
000000014024DBCB | 33D2                    | xor edx,edx                           |
000000014024DBCD | 48:8D0D 2CC06C00        | lea rcx,qword ptr ds:[140919C00]      | 0000000140919C00:L"Automation object not found!"
000000014024DBD4 | E8 A7F40300             | call <revouninpro.sub_14028D080>      |
000000014024DBD9 | 90                      | nop                                   |
000000014024DBDA | 48:8B9424 98000000      | mov rdx,qword ptr ss:[rsp+98]         |
000000014024DBE2 | 48:83C2 E8              | add rdx,FFFFFFFFFFFFFFE8              |
000000014024DBE6 | 8BC6                    | mov eax,esi                           |
000000014024DBE8 | F0:0FC142 10            | lock xadd dword ptr ds:[rdx+10],eax   |
000000014024DBED | 83E8 01                 | sub eax,1                             |
000000014024DBF0 | 7F 0A                   | jg revouninpro.14024DBFC              |
000000014024DBF2 | 48:8B0A                 | mov rcx,qword ptr ds:[rdx]            |
000000014024DBF5 | 48:8B01                 | mov rax,qword ptr ds:[rcx]            |
000000014024DBF8 | FF50 08                 | call qword ptr ds:[rax+8]             |
000000014024DBFB | 90                      | nop                                   |
000000014024DBFC | 48:8D4C24 50            | lea rcx,qword ptr ss:[rsp+50]         |
000000014024DC01 | E8 D2FB0400             | call <revouninpro.sub_14029D7D8>      |
000000014024DC06 | 90                      | nop                                   |
000000014024DC07 | 48:8B5424 68            | mov rdx,qword ptr ss:[rsp+68]         |
000000014024DC0C | 48:83C2 E8              | add rdx,FFFFFFFFFFFFFFE8              |
000000014024DC10 | 8BC6                    | mov eax,esi                           |
000000014024DC12 | F0:0FC142 10            | lock xadd dword ptr ds:[rdx+10],eax   |
000000014024DC17 | 83E8 01                 | sub eax,1                             |
000000014024DC1A | 7F 0A                   | jg revouninpro.14024DC26              |
000000014024DC1C | 48:8B0A                 | mov rcx,qword ptr ds:[rdx]            |
000000014024DC1F | 48:8B01                 | mov rax,qword ptr ds:[rcx]            |
000000014024DC22 | FF50 08                 | call qword ptr ds:[rax+8]             |
000000014024DC25 | 90                      | nop                                   |
000000014024DC26 | 48:8B5424 60            | mov rdx,qword ptr ss:[rsp+60]         |
000000014024DC2B | 48:83C2 E8              | add rdx,FFFFFFFFFFFFFFE8              |
000000014024DC2F | F0:0FC172 10            | lock xadd dword ptr ds:[rdx+10],esi   |
000000014024DC34 | 83EE 01                 | sub esi,1                             |
000000014024DC37 | 7F 09                   | jg revouninpro.14024DC42              |
000000014024DC39 | 48:8B0A                 | mov rcx,qword ptr ds:[rdx]            |
000000014024DC3C | 48:8B01                 | mov rax,qword ptr ds:[rcx]            |
000000014024DC3F | FF50 08                 | call qword ptr ds:[rax+8]             |
000000014024DC42 | 33C0                    | xor eax,eax                           |
000000014024DC44 | E9 76250000             | jmp revouninpro.1402501BF             |
000000014024DC49 | 48:8B9424 98000000      | mov rdx,qword ptr ss:[rsp+98]         |
000000014024DC51 | 48:83C2 E8              | add rdx,FFFFFFFFFFFFFFE8              |
000000014024DC55 | 8BC6                    | mov eax,esi                           |
000000014024DC57 | F0:0FC142 10            | lock xadd dword ptr ds:[rdx+10],eax   |
000000014024DC5C | 83E8 01                 | sub eax,1                             |
000000014024DC5F | 7F 12                   | jg revouninpro.14024DC73              |
000000014024DC61 | 48:8B0A                 | mov rcx,qword ptr ds:[rdx]            |
000000014024DC64 | 48:8B01                 | mov rax,qword ptr ds:[rcx]            |
000000014024DC67 | FF50 08                 | call qword ptr ds:[rax+8]             |
000000014024DC6A | EB 07                   | jmp revouninpro.14024DC73             |
000000014024DC6C | 48:83CE FF              | or rsi,FFFFFFFFFFFFFFFF               |
000000014024DC70 | 45:33E4                 | xor r12d,r12d                         |
000000014024DC73 | 48:8D4C24 70            | lea rcx,qword ptr ss:[rsp+70]         |
000000014024DC78 | E8 D385FEFF             | call <revouninpro.sub_140236250>      |
000000014024DC7D | 90                      | nop                                   |
000000014024DC7E | 48:8D15 BBBF6C00        | lea rdx,qword ptr ds:[140919C40]      | 0000000140919C40:L"\\LPlog"
000000014024DC85 | 48:8BC6                 | mov rax,rsi                           |
000000014024DC88 | 0F1F8400 00000000       | nop dword ptr ds:[rax+rax],eax        |
000000014024DC90 | 48:FFC0                 | inc rax                               |
000000014024DC93 | 66:833C42 00            | cmp word ptr ds:[rdx+rax*2],0         |
000000014024DC98 | 75 F6                   | jne revouninpro.14024DC90             |

继续走走看看

这样注册不完整的问题就解决了！顶上和关于中的订阅过期也解决了。
然后，我们再解决右击【卸载时】每次有个【跳过备份】需要活人点的问题

我们用了字符串搜索、翻译语言ID号转常量、近点修改法等三个知识点就很好的解决问题了。

熊孩子突突突 · 发表于 2020-3-31 19:20

emmmm，设置里不是有么？

看，六眼飞鱼 · 发表于 2020-3-31 19:44

膜拜一波大佬

zxiaofly · 发表于 2020-3-31 19:56

不明觉厉，有没有成品啊？

garen · 发表于 2020-3-31 21:09

大脑就是厉害

mokson · 发表于 2020-3-31 21:28

我以为有成品转让呢

supnet · 发表于 2020-4-1 10:06

非常感谢

jefel · 发表于 2020-4-1 10:33

大法王不提供成品的，锻炼你的学习能力。

大雨治水 · 发表于 2020-4-1 11:18

期待成品

ghss · 发表于 2020-4-1 11:38

来来来，代表伸手党MK一下，等

帐号		自动登录	找回密码
密码			注册[Register]

[原创] Revo Uninstaller Pro 个性化DIY两则：

免费评分

个人中心