-
Notifications
You must be signed in to change notification settings - Fork 0
/
ollydbg.ini
377 lines (377 loc) · 11.2 KB
/
ollydbg.ini
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
[Settings]
Check DLL versions=0
GUI language=0
Topmost window=0
Show main menu items that don't apply=0
Show popup items that don't apply=0
Show toolbar=1
Use system colours in toolbar=0
Status in toolbar=0
Flash duration=1
Autoupdate interval=4
Mode of main window=0
Restore windows=0
Bring OllyDbg to top on pause=1
Restore window positions=1
Restore width of columns=0
Restore sorting criterium=1
Highlight sorted column=1
Right click selects=1
Index of default font=1
Index of default UNICODE font=3
Index of default colours=0
Code highlighting=0
Horizontal scroll=0
Snow-free drawing=1
Append arguments=1
Allow diacritical symbols=0
Decode pascal strings=1
Use IsTextUnicode=0
String decoding=0
File graph mode=1
Put ASCII text to clipboard=0
Monitor internal memory allocation=0
Dialog font mode=0
Font in dialogs=0
Align dialogs=1
Global search=1
Aligned search=1
Search accuracy=0
Ignore case=0
Search direction=1
Floating search with margin=0
Allow extra commands in sequence=1
Allow jumps into the sequence=0
Keep size of hex edit selection=1
List sorting mode=0
Modify FPU tag=0
MMX display mode=0
Show tooltips in dialog windows=1
X options coordinate=569
Y options coordinate=81
Last selected options pane=20
Last edited font in options=0
Last edited scheme in options=0
Last edited colour index in options=0
Last edited highlighting in options=1
Last edited highlighting index in options=0
Warnmode when not administrator=1
Warnmode for packed code in Analyzer=0
Warnmode when INT3 breakpoint is corrupt=0
Warnmode when breakpoint set on non-command=0
Warnmode when EIP set on non-command=0
Warnmode when clipboard size too large=0
Warnmode when all threads are suspended=0
Warnmode when thread is changed=0
Warnmode when process is still running=0
Warnmode when active when closing OllyDbg=0
Warnmode when unable to close process=0
Warnmode when executable differs from udd=0
Warnmode when INT3 in udd has different cmd=0
Warnmode when fixups are modified=0
Warnmode when IAT is copied back to exe=0
Warnmode when IAT is autocopied back to exe=0
Warnmode when copy of executable file changed=0
Warnmode when memory breakpoint on stack=0
Warnmode when modified debug registers=0
Warnmode when launching loaddll=0
Warnmode when EIP inside the patch=0
Only ASCII printable in dump=0
Code page for ASCII dumps=1252
Code page for multibyte dumps=65001
Underline fixups=1
Show jump direction=1
Show jump path=1
Show grayed path if jump is not taken=1
Fill rest of command with NOPs=1
Action on letter key in Disassembler=1
Wide characters in UNICODE dumps=1
Disable GDI scripting support=0
Automatically backup user code=0
Visible lines when scrolling disasm=1
IDEAL disassembling mode=0
Disassemble in lowercase=0
Separate arguments with TAB=0
Extra space between arguments=0
Show default segments=1
Always show memory size=1
NEAR jump modifiers=0
Alternative forms of conditional commands=1
Use short form of string commands=0
Use RET instead of RETN=0
SSE size decoding mode=0
Jump hint decoding mode=0
Size sensitive mnemonics=1
Top of FPU stack=1
Show symbolic addresses=1
Show local module names=0
Demangle symbolic names=0
Show call arguments=0
Type of break command=0
Use hardware breakpoints for stepping=1
Hide unimportant handles=1
Show original handle names=0
Permanent breakpoints on system code=0
First pause=3
Pause on attach=1
Pause on Loaddll=1
Assume flat selectors=0
Ignore access violations in KERNEL32=1
Ignore INT3 in MSCORWKS=1
Ignore INT3=0
Ignore TRAP=0
Ignore access violations=0
Ignore division by 0=0
Ignore illegal instructions=0
Ignore all FPU exceptions=0
Ignore all service exceptions=1
Ignore custom exception ranges=0
Call UnhandledExceptionFilter=0
Report ignored exceptions to log=1
Autoreturn=0
Use DebugBreakProcess=0
Use ExitProcess=1
Warn when frequent breaks=1
Allow command emulation=1
Debug child processes=0
Animation delay index=0
Stop on new DLL=0
Stop on DLL unload=0
Stop only on selected modules=0
Stop on debug string=0
Stop on new thread=0
Stop on thread end=0
Enable use of debugging data=1
Use dbghelp to walk stack=0
Use Microsoft Symbol Server=0
Hide missing source files=1
Hide internal compiler names=1
Skip leading spaces from source=1
Hide Call DLL window on call=0
Pause after call to DLL is finished=1
Allow .NET debugging=1
Scan registry for GUIDs on starup=0
Run trace protocolling options=0
Run trace buffer size index=2
Trace over system DLLs=1
Trace over string commands=1
Save traced commands=0
Save accessed memory to trace=0
Save FPU registers to trace=0
Synchronize CPU and Run trace=1
Set breakpoints on callbacks in hit trace=0
Hit trace mode for indirect jumps=0
Stop hit trace if not command=0
Hit trace outside the code section=2
Keep hit trace between sessions=1
Show symbolic names in protocol range list=0
Allow automatic SFX extraction=1
SFX extraction mode=0
Use real SFX entry from previous run=1
Ignore SFX exceptions=1
Use predictions in search=1
References include indirect jumps=1
Add origin to search results=0
Default resource language=9
Gray inactive windows=1
Gray register names=0
Center FOLLOWed command=1
Decode registers for any IP=1
Hide current registers warning=0
Remove code hilite on register hilite=1
Automatically select register type=0
Enable SSE registers=1
Label display mode=0
Highlight symbolic labels=0
Log buffer size index=2
Tabulate columns in log file=0
Append data to existing log file=0
Auto analysis=3
No predicted registers in system DLLs=0
Fuzzy analysis=1
Report problems during analysis=0
Decode tricks=1
Mark tricks=0
Search for library functions=1
Decode ifs as switches=0
Mark only important operands=0
Functions preserve registers=1
Ignore braces in udd path=1
Guess number of arguments=1
Guess arguments from mangled names=0
Guess meaning of guessed arguments=1
Show uncertain arguments=1
Rename value dependent arguments=0
Show predicted values=1
Show ARG and LOCAL in disassembly=1
Use symbolic names for ARG and LOCAL=0
Show ARG and LOCAL in comments=1
Show loops=1
Accept far calls and returns=0
Accept direct segment modifications=0
Accept privileged commands=0
Accept I/O commands=0
Accept NOPs=1
Accept shifts out of range=0
Accept superfluous prefixes=0
Accept default prefixes=1
Accept valid LOCK prefixes=1
Accept unaligned stack operations=1
Accept suspicious ESP operations=0
Accept non-standard command forms=1
Accept access to nonexisting memory=0
Accept interrupt commands=0
Block external WM_CLOSE=1
Activate speech=0
Translate commands and registers=1
Skip leading zeros in hex numbers=1
[OllyDbg]
Placement=561,30,640,480,0
[History]
Log file=log.txt
Trace save file=trace.txt
Data directory=.\
Standard library directory=.\
Plugin directory=.\Plugins
API help file=
Alternative initialization file=
Last viewed file=
Last keyboard shortcuts file=shortcuts.ini
Last object or library file=
Last image library file=
Debug data directory[0]=
Debug data directory[1]=
Debug data directory[2]=
Previous JIT=
[Colour schemes]
Scheme name[0]=Black on white
Foreground_1[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[0]=0
Modified commands[0]=0
Scheme name[1]=Yellow on blue
Foreground_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[1]=0
Modified commands[1]=0
Scheme name[2]=Marine
Foreground_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[2]=0
Modified commands[2]=0
Scheme name[3]=Mostly black
Foreground_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[3]=0
Modified commands[3]=0
Scheme name[4]=Scheme 4
Foreground_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[4]=0
Modified commands[4]=0
Scheme name[5]=Scheme 5
Foreground_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[5]=0
Modified commands[5]=0
Scheme name[6]=Scheme 6
Foreground_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[6]=0
Modified commands[6]=0
Scheme name[7]=Scheme 7
Foreground_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[7]=0
Modified commands[7]=0
[Highlighting schemes]
Scheme name[1]=Christmas tree
Foreground_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[1]=1
Modified commands[1]=1
Scheme name[2]=Jumps and calls
Foreground_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[2]=0
Modified commands[2]=0
Scheme name[3]=Memory access
Foreground_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[3]=1
Modified commands[3]=1
Scheme name[4]=Hilite 4
Foreground_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[4]=0
Modified commands[4]=0
Scheme name[5]=Hilite 5
Foreground_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[5]=0
Modified commands[5]=0
Scheme name[6]=Hilite 6
Foreground_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[6]=0
Modified commands[6]=0
Scheme name[7]=Hilite 7
Foreground_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Foreground_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Background_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
Operands[7]=0
Modified commands[7]=0
[Fonts]
Font name[0]=OEM fixed font
Font data[0]=0,0,0,0,0,0,0,0,0,0,0,10
Face name[0]=
Font name[1]=Terminal 6
Font data[1]=9,6,700,0,0,0,255,0,1,1,0,0
Face name[1]=Terminal
Font name[2]=System fixed font
Font data[2]=0,0,0,0,0,0,0,0,0,0,0,16
Face name[2]=
Font name[3]=Courier (UNICODE)
Font data[3]=14,0,400,0,0,0,1,2,5,-2,0,0
Face name[3]=Courier New
Font name[4]=Lucida (UNICODE)
Font data[4]=10,6,400,0,0,0,1,2,5,0,0,0
Face name[4]=Lucida Console
Font name[5]=Font 5
Font data[5]=9,6,700,0,0,0,255,0,1,1,0,0
Face name[5]=Terminal
Font name[6]=Font 6
Font data[6]=0,0,0,0,0,0,0,0,0,0,0,16
Face name[6]=
Font name[7]=Font 7
Font data[7]=14,0,400,0,0,0,1,2,5,-2,0,0
Face name[7]=Courier New