[Settings]
Check DLL versions=0
Topmost window=0
Show main menu items that don't apply=0
Show popup items that don't apply=0
Show toolbar=1
Use system colours in toolbar=0
Status in toolbar=0
Flash duration=1
Autoupdate interval=4
Mode of main window=0
Restore windows=236799
Restore window positions=1
Restore width of columns=0
Restore sorting criterium=1
Highlight sorted column=1
Right click selects=1
Index of default font=1
Index of default colours=0
Code highlighting=0
Horizontal scroll=0
Snow-free drawing=1
Append arguments=1
Allow diacritical symbols=0
Decode pascal strings=1
Use IsTextUnicode=0
String decoding=0
File graph mode=1
Dialog font mode=0
Font in dialogs=0
Align dialogs=1
Global search=1
Aligned search=0
Ignore case=0
Search direction=1
Floating search with margin=0
Allow extra commands in sequence=1
Allow jumps into the sequence=0
Keep size of hex edit selection=0
Sorting mode of error list=0
Modify FPU tag=0
MMX display mode=0
Show tooltips in dialog windows=1
X options coordinate=460
Y options coordinate=377
Last selected options pane=13
Last edited font in options=3
Last edited scheme in options=0
Last edited colour index in options=6
Last edited highlighting in options=1
Last edited highlighting index in options=16
Warnmode when not administrator=0
Warnmode for packed code in Analyzer=0
Warnmode when process is still running=6
Warnmode when INT3 breakpoint is corrupt=1
Warnmode when INT3 set on non-command=0
Warnmode when clipboard size too large=0
Warnmode when all threads are suspended=0
Warnmode when thread is changed=0
Warnmode when executable differs from udd=7
Warnmode when INT3 in udd has different cmd=0
Warnmode when fixups are modified=0
Warnmode when memory breakpoint on stack=0
Warnmode when modified debug registers=0
Only ASCII printable in dump=1
Underline fixups=1
Show jump direction=1
Show jump path=1
Show path if jump is not taken=1
Fill rest of command with NOPs=0
Action on letter key in Disassembler=2
Wide characters in UNICODE dumps=1
Automatically backup user code=0
IDEAL disassembling mode=0
Disassemble in lowercase=0
Separate arguments with TAB=0
Extra space between arguments=0
Show default segments=0
Always show memory size=1
NEAR jump modifiers=0
Use short form of string commands=0
Use RET instead of RETN=1
SSE size decoding mode=0
Jump hint decoding mode=0
Size sensitive mnemonics=1
Top of FPU stack=1
Show symbolic addresses=1
Show local module names=1
Demangle symbolic names=0
First pause=1
Pause on attach=1
Assume flat selectors=0
Ignore access violations in KERNEL32=1
Ignore INT3=1
Ignore TRAP=1
Ignore access violations=0
Ignore division by 0=1
Ignore illegal instructions=1
Ignore all FPU exceptions=1
Ignore custom exception ranges=1
Call UnhandledExceptionFilter=1
Report ignored exceptions to log=1
Autoreturn=0
Use DebugBreakProcess=0
Use ExitProcess=0
Warn when frequent breaks=1
Allow command emulation=0
Debug child processes=0
Animation delay index=0
Stop on new DLL=0
Stop on DLL unload=0
Stop on debug string=0
Stop on new thread=0
Stop on thread end=0
Run trace protocolling options=0
Run trace buffer size index=2
Trace over system DLLs=1
Trace over string commands=1
Save traced commands=0
Save accessed memory to trace=0
Save FPU registers to trace=0
Synchronize CPU and Run trace=1
Set breakpoints on callbacks in hit trace=0
Hit trace mode for indirect jumps=0
Stop hit trace if not command=0
Hit trace outside the code section=2
Show symbolic names in protocol range list=0
Use predictions in search=1
References include indirect jumps=1
Add origin to search results=0
Default resource language=9
Gray inactive windows=1
Gray register names=0
Center FOLLOWed command=1
Decode registers for any IP=0
Automatically select register type=0
Enable SSE registers=1
Label display mode=2
Highlight symbolic labels=0
Log buffer size index=2
Tabulate columns in log file=0
Append data to existing log file=0
Auto analysis=0
No predicted registers in system DLLs=0
Fuzzy analysis=1
Report problems during analysis=0
Decode tricks=1
Mark tricks=0
Decode ifs as switches=0
Functions preserve registers=1
Guess number of arguments=1
Guess arguments from mangled names=0
Guess meaning of guessed arguments=1
Show uncertain arguments=1
Rename value dependent arguments=0
Show predicted values=1
Show ARG and LOCAL in disassembly=1
Use symbolic names for ARG and LOCAL=1
Show ARG and LOCAL in comments=1
Show loops=1
Accept far calls and returns=0
Accept direct segment modifications=0
Accept privileged commands=0
Accept I/O commands=0
Accept NOPs=1
Accept shifts out of range=0
Accept superfluous prefixes=0
Accept default prefixes=1
Accept valid LOCK prefixes=1
Accept unaligned stack operations=1
Accept suspicious ESP operations=0
Accept non-standard command forms=1
Accept access to nonexisting memory=1
Accept interrupt commands=1
Index of default UNICODE font=1
Warnmode when unable to close process=0
Show grayed path if jump is not taken=1
Remove code hilite on register hilite=1
Ignore braces in udd path=1
List sorting mode=0
Warnmode when launching loaddll=6
Visible lines when scrolling disasm=1
Pause on Loaddll=1
Stop only on selected modules=0
Enable use of debugging data=1
Use dbghelp to walk stack=0
Use Microsoft Symbol Server=0
Hide missing source files=1
Hide internal compiler names=1
Skip leading spaces from source=1
Hide Call DLL window on call=0
Pause after call to DLL is finished=1
Mark only important operands=0
Block external WM_CLOSE=1
Activate speech=0
Translate commands and registers=1
Skip leading zeros in hex numbers=1
Bring OllyDbg to top on pause=1
Put ASCII text to clipboard=0
Warnmode when breakpoint set on non-command=6
Warnmode when EIP set on non-command=0
Warnmode when active when closing OllyDbg=6
Warnmode when copy of executable file changed=1
Warnmode when EIP inside the patch=0
Code page for ASCII dumps=1252
Use hardware breakpoints for stepping=0
Ignore all service exceptions=1
Allow .NET debugging=0
Scan registry for GUIDs on starup=0
Allow automatic SFX extraction=0
SFX extraction mode=0
Use real SFX entry from previous run=1
Ignore SFX exceptions=1
Monitor internal memory allocation=0
Alternative forms of conditional commands=1
Permanent breakpoints on system code=0
Ignore INT3 in MSCORWKS=1
Keep hit trace between sessions=1
GUI language=0
Search accuracy=0
Warnmode when IAT is copied back to exe=0
Warnmode when IAT is autocopied back to exe=0
Code page for multibyte dumps=65001
Disable GDI scripting support=0
Show call arguments=0
Type of break command=4
Hide unimportant handles=1
Show original handle names=0
Hide current registers warning=0
Search for library functions=1
[OllyDbg]
Placement=123,140,1157,767,1
[History]
Data directory=C:\odbg201
Plugin directory=C:\odbg201
Standard library directory=C:\odbg201
API help file=
Executable[0]=C:\odbg201\Test.exe
Arguments[0]=
Current dir[0]=
Log file=log.txt
Trace save file=trace.txt
Last viewed file=
Last keyboard shortcuts file=shortcuts.ini
Previous JIT=
Debug data directory[0]=
Debug data directory[1]=
Debug data directory[2]=
Alternative initialization file=
Last object or library file=
Last image library file=
Executable[1]=
Arguments[1]=
Current dir[1]=
Executable[2]=
Arguments[2]=
Current dir[2]=
Executable[3]=
Arguments[3]=
Current dir[3]=
Executable[4]=
Arguments[4]=
Current dir[4]=
Executable[5]=
Arguments[5]=
Current dir[5]=
[CPU]
Placement=0,0,1005,610,3
Offset[0]=0
Offset[1]=-263
Offset[2]=1
Offset[3]=24
[CPU Disasm]
Appearance=3,6,1,0,6
Columns=63,119,280,1792
[CPU Info]
Appearance=7,6,0,0,0
[CPU registers]
Appearance=3,6,0,0,0
Local=2,72448
[CPU Dump]
Appearance=3,6,1,0,0
Columns=63,336,119
Local=00011001
[CPU Stack]
Appearance=3,6,0,0,0
Columns=63,70,35,1792
Local=000A0104
