OllyDbg v2.01 colours/highlighting scheme

1. Preview (yeah it looks like v1.0 arrangement... you know, old habit..): http://i.imgur.com/PRz0bIc.png
2.  
3. [Settings]
4. Check DLL versions=0
5. GUI language=0
6. Topmost window=0
7. Show main menu items that don't apply=0
8. Show popup items that don't apply=0
9. Show toolbar=1
10. Use system colours in toolbar=0
11. Status in toolbar=1
12. Flash duration=1
13. Autoupdate interval=4
14. Mode of main window=0
15. Restore windows=7423
16. Bring OllyDbg to top on pause=1
17. Restore window positions=1
18. Restore width of columns=0
19. Restore sorting criterium=1
20. Highlight sorted column=1
21. Right click selects=1
22. Index of default font=1
23. Index of default UNICODE font=3
24. Index of default colours=0
25. Code highlighting=0
26. Horizontal scroll=0
27. Snow-free drawing=1
28. Append arguments=1
29. Allow diacritical symbols=1
30. Decode pascal strings=1
31. Use IsTextUnicode=0
32. String decoding=2
33. File graph mode=1
34. Put ASCII text to clipboard=0
35. Monitor internal memory allocation=0
36. Dialog font mode=0
37. Font in dialogs=0
38. Align dialogs=1
39. Global search=1
40. Aligned search=0
41. Search accuracy=0
42. Ignore case=0
43. Search direction=1
44. Floating search with margin=0
45. Allow extra commands in sequence=1
46. Allow jumps into the sequence=0
47. Keep size of hex edit selection=1
48. List sorting mode=0
49. Modify FPU tag=0
50. MMX display mode=0
51. Show tooltips in dialog windows=1
52. X options coordinate=1062
53. Y options coordinate=462
54. Last selected options pane=7
55. Last edited font in options=0
56. Last edited scheme in options=6
57. Last edited colour index in options=9
58. Last edited highlighting in options=7
59. Last edited highlighting index in options=13
60. Warnmode when not administrator=1
61. Warnmode for packed code in Analyzer=0
62. Warnmode when INT3 breakpoint is corrupt=0
63. Warnmode when breakpoint set on non-command=0
64. Warnmode when EIP set on non-command=0
65. Warnmode when clipboard size too large=0
66. Warnmode when all threads are suspended=0
67. Warnmode when thread is changed=0
68. Warnmode when process is still running=6
69. Warnmode when active when closing OllyDbg=6
70. Warnmode when unable to close process=0
71. Warnmode when executable differs from udd=0
72. Warnmode when INT3 in udd has different cmd=0
73. Warnmode when fixups are modified=0
74. Warnmode when IAT is copied back to exe=0
75. Warnmode when IAT is autocopied back to exe=0
76. Warnmode when copy of executable file changed=0
77. Warnmode when memory breakpoint on stack=0
78. Warnmode when modified debug registers=0
79. Warnmode when launching loaddll=0
80. Warnmode when EIP inside the patch=0
81. Only ASCII printable in dump=0
82. Code page for ASCII dumps=1252
83. Code page for multibyte dumps=65001
84. Underline fixups=1
85. Show jump direction=1
86. Show jump path=1
87. Show grayed path if jump is not taken=1
88. Fill rest of command with NOPs=1
89. Action on letter key in Disassembler=1
90. Wide characters in UNICODE dumps=1
91. Disable GDI scripting support=0
92. Automatically backup user code=0
93. Visible lines when scrolling disasm=1
94. IDEAL disassembling mode=0
95. Disassemble in lowercase=0
96. Separate arguments with TAB=0
97. Extra space between arguments=0
98. Show default segments=1
99. Always show memory size=1
100. NEAR jump modifiers=0
101. Alternative forms of conditional commands=1
102. Use short form of string commands=0
103. Use RET instead of RETN=0
104. SSE size decoding mode=0
105. Jump hint decoding mode=0
106. Size sensitive mnemonics=1
107. Top of FPU stack=1
108. Show symbolic addresses=1
109. Show local module names=0
110. Demangle symbolic names=0
111. Show call arguments=0
112. Type of break command=0
113. Use hardware breakpoints for stepping=1
114. Hide unimportant handles=1
115. Show original handle names=0
116. Permanent breakpoints on system code=0
117. First pause=2
118. Pause on attach=1
119. Pause on Loaddll=1
120. Assume flat selectors=0
121. Ignore access violations in KERNEL32=1
122. Ignore INT3 in MSCORWKS=1
123. Ignore INT3=0
124. Ignore TRAP=0
125. Ignore access violations=0
126. Ignore division by 0=0
127. Ignore illegal instructions=0
128. Ignore all FPU exceptions=0
129. Ignore all service exceptions=0
130. Ignore custom exception ranges=1
131. Call UnhandledExceptionFilter=0
132. Report ignored exceptions to log=1
133. Autoreturn=0
134. Use DebugBreakProcess=0
135. Use ExitProcess=1
136. Warn when frequent breaks=1
137. Allow command emulation=0
138. Debug child processes=0
139. Animation delay index=0
140. Stop on new DLL=0
141. Stop on DLL unload=0
142. Stop only on selected modules=0
143. Stop on debug string=0
144. Stop on new thread=0
145. Stop on thread end=0
146. Enable use of debugging data=1
147. Use dbghelp to walk stack=0
148. Use Microsoft Symbol Server=0
149. Hide missing source files=1
150. Hide internal compiler names=1
151. Skip leading spaces from source=1
152. Hide Call DLL window on call=0
153. Pause after call to DLL is finished=1
154. Allow .NET debugging=0
155. Scan registry for GUIDs on starup=0
156. Run trace protocolling options=0
157. Run trace buffer size index=2
158. Trace over system DLLs=1
159. Trace over string commands=1
160. Save traced commands=0
161. Save accessed memory to trace=0
162. Save FPU registers to trace=0
163. Synchronize CPU and Run trace=1
164. Set breakpoints on callbacks in hit trace=0
165. Hit trace mode for indirect jumps=0
166. Stop hit trace if not command=0
167. Hit trace outside the code section=2
168. Keep hit trace between sessions=0
169. Show symbolic names in protocol range list=0
170. Allow automatic SFX extraction=0
171. SFX extraction mode=0
172. Use real SFX entry from previous run=1
173. Ignore SFX exceptions=1
174. Use predictions in search=1
175. References include indirect jumps=1
176. Add origin to search results=0
177. Default resource language=9
178. Gray inactive windows=1
179. Gray register names=0
180. Center FOLLOWed command=1
181. Decode registers for any IP=1
182. Hide current registers warning=0
183. Remove code hilite on register hilite=1
184. Automatically select register type=0
185. Enable SSE registers=0
186. Label display mode=0
187. Highlight symbolic labels=0
188. Log buffer size index=2
189. Tabulate columns in log file=0
190. Append data to existing log file=0
191. Auto analysis=1
192. No predicted registers in system DLLs=0
193. Fuzzy analysis=1
194. Report problems during analysis=0
195. Decode tricks=1
196. Mark tricks=0
197. Search for library functions=1
198. Decode ifs as switches=0
199. Mark only important operands=0
200. Functions preserve registers=0
201. Ignore braces in udd path=1
202. Guess number of arguments=1
203. Guess arguments from mangled names=1
204. Guess meaning of guessed arguments=1
205. Show uncertain arguments=1
206. Rename value dependent arguments=0
207. Show predicted values=1
208. Show ARG and LOCAL in disassembly=1
209. Use symbolic names for ARG and LOCAL=1
210. Show ARG and LOCAL in comments=1
211. Show loops=1
212. Accept far calls and returns=0
213. Accept direct segment modifications=0
214. Accept privileged commands=0
215. Accept I/O commands=0
216. Accept NOPs=1
217. Accept shifts out of range=0
218. Accept superfluous prefixes=0
219. Accept default prefixes=1
220. Accept valid LOCK prefixes=1
221. Accept unaligned stack operations=1
222. Accept suspicious ESP operations=0
223. Accept non-standard command forms=1
224. Accept access to nonexisting memory=0
225. Accept interrupt commands=0
226. Block external WM_CLOSE=1
227. Activate speech=0
228. Translate commands and registers=1
229. Skip leading zeros in hex numbers=1
230. [OllyDbg]
231. Placement=123,100,1001,686,0
232. [INT3 breakpoints]
233. Placement=258,200,744,175,1
234. Appearance=1,6,1,0,0
235. Columns=54,54,72,240,1536
236. Sort=0
237. [History]
238. Log file=log.txt
239. Trace save file=trace.txt
240. Data directory=udd
241. Standard library directory=udl
242. Plugin directory=plugins
243. API help file=
244. Alternative initialization file=ollydbg.ini
245. Last viewed file=
246. Last keyboard shortcuts file=shortcuts.ini
247. Last object or library file=
248. Last image library file=
249. Debug data directory[0]=
250. Debug data directory[1]=
251. Debug data directory[2]=
252. Previous JIT=
253. Executable[0]=
254. Arguments[0]=
255. Current dir[0]=
256. Executable[1]=
257. Arguments[1]=
258. Current dir[1]=
259. Executable[2]=
260. Arguments[2]=
261. Current dir[2]=
262. Executable[3]=
263. Arguments[3]=
264. Current dir[3]=
265. Executable[4]=
266. Arguments[4]=
267. Current dir[4]=
268. Executable[5]=
269. Arguments[5]=
270. Current dir[5]=
271.  
272. [CPU]
273. Placement=22,22,392,315,3
274. Offset[0]=37
275. Offset[1]=-6
276. Offset[2]=0
277. Offset[3]=-33
278. [CPU Disasm]
279. Appearance=1,6,0,0,7
280. Columns=54,102,240,1536
281. [CPU Info]
282. Appearance=1,6,0,0,0
283. [CPU registers]
284. Appearance=1,7,1,0,0
285. Local=0,66816
286. [CPU Dump]
287. Appearance=1,6,1,0,0
288. Columns=54,288,102
289. Local=00011001
290. [CPU Stack]
291. Appearance=1,7,1,0,0
292. Columns=54,60,1536
293. Local=00090104
294. [Dialog placement]
295. Select range of exception codes=502,249
296. Assemble=533,108
297. [Search]
298. Placement=132,132,392,243,1
299. [Search tab]
300. Appearance=1,6,1,0,0
301. Columns=
302. Sort=0
303. [Run trace data]
304. Placement=135,257,918,175,1
305. Appearance=1,6,1,0,7
306. Columns=54,48,54,54,240,144,1536
307. Sort=0
308. [Call stack]
309. Placement=22,22,624,175,1
310. Appearance=1,6,1,0,0
311. Columns=54,54,270,168,54
312. Sort=0
313. [Hardware breakpoints]
314. Placement=0,0,828,175,1
315. Appearance=1,6,1,0,0
316. Columns=30,54,54,54,72,240,1536
317. Sort=0
318. [Memory breakpoints]
319. Placement=176,176,588,175,1
320. Appearance=1,6,1,0,0
321. Columns=54,54,54,30,72,1536
322. Sort=0
323. [Threads]
324. Placement=110,110,708,175,1
325. Appearance=1,6,1,0,0
326. Columns=36,54,108,108,54,54,54,72,72,72
327. Sort=0
328. [Windows]
329. Placement=88,88,792,175,1
330. Appearance=1,6,1,0,0
331. Columns=78,192,54,54,54,48,54,54,54,54,72
332. Sort=0
333. [Memory]
334. Placement=66,66,858,175,1
335. Appearance=1,6,1,0,0
336. Columns=54,54,96,60,144,30,48,48,1536
337. Sort=0
338. [Log data]
339. Placement=44,44,378,175,1
340. Appearance=1,6,1,0,0
341. Columns=54,1536
342. Sort=0
343. [Modules]
344. Placement=22,22,990,175,1
345. Appearance=1,6,1,0,0
346. Columns=54,54,54,96,72,96,240,1536
347. Sort=0
348. [ODbgScript]
349. Restore Script window=0
350. Restore Script Log=0
351. [Filedump]
352. Placement=242,242,468,175,1
353. Appearance=1,6,1,0,0
354. [Ignored exceptions]
355. Range[0]=0 ffffffff
356. [Colour schemes]
357. Scheme name[0]=Black on white
358. Foreground_1[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
359. Foreground_2[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
360. Background_1[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
361. Background_2[0]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
362. Operands[0]=0
363. Modified commands[0]=0
364. Scheme name[1]=Yellow on blue
365. Foreground_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
366. Foreground_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
367. Background_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
368. Background_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
369. Operands[1]=0
370. Modified commands[1]=0
371. Scheme name[2]=Marine
372. Foreground_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
373. Foreground_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
374. Background_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
375. Background_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
376. Operands[2]=0
377. Modified commands[2]=0
378. Scheme name[3]=Mostly black
379. Foreground_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
380. Foreground_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
381. Background_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
382. Background_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
383. Operands[3]=0
384. Modified commands[3]=0
385. Scheme name[4]=Scheme 4
386. Foreground_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
387. Foreground_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
388. Background_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
389. Background_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
390. Operands[4]=0
391. Modified commands[4]=0
392. Scheme name[5]=Scheme 5
393. Foreground_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
394. Foreground_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
395. Background_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
396. Background_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
397. Operands[5]=0
398. Modified commands[5]=0
399. Scheme name[6]=Instructions-Status-Dump Xyl
400. Foreground_1[6]=*,FFFFFF,0,C0C0C0,800000,*,*,FFFFFF,800000,C0C0C0,*,*,*,*,*,*
401. Foreground_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
402. Background_1[6]=C0C0C0,C0C0C0,C0C0C0,*,FFFFFF,*,*,*,*,808080,*,*,*,*,*,*
403. Background_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
404. Operands[6]=0
405. Modified commands[6]=0
406. Scheme name[7]=Registers-Stack Xyl
407. Foreground_1[7]=C0C0C0,FFFF,*,*,*,*,*,*,*,*,*,*,*,*,*,*
408. Foreground_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
409. Background_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
410. Background_2[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
411. Operands[7]=0
412. Modified commands[7]=0
413. [Highlighting schemes]
414. Scheme name[1]=Christmas tree
415. Foreground_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
416. Foreground_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
417. Background_1[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
418. Background_2[1]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
419. Operands[1]=1
420. Modified commands[1]=1
421. Scheme name[2]=Jumps and calls
422. Foreground_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
423. Foreground_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
424. Background_1[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
425. Background_2[2]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
426. Operands[2]=0
427. Modified commands[2]=0
428. Scheme name[3]=Memory access
429. Foreground_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
430. Foreground_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
431. Background_1[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
432. Background_2[3]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
433. Operands[3]=1
434. Modified commands[3]=1
435. Scheme name[4]=Hilite 4
436. Foreground_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
437. Foreground_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
438. Background_1[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
439. Background_2[4]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
440. Operands[4]=0
441. Modified commands[4]=0
442. Scheme name[5]=Hilite 5
443. Foreground_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
444. Foreground_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
445. Background_1[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
446. Background_2[5]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
447. Operands[5]=0
448. Modified commands[5]=0
449. Scheme name[6]=Hilite 6
450. Foreground_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
451. Foreground_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
452. Background_1[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
453. Background_2[6]=*,*,*,*,*,*,*,*,*,*,*,*,*,*,*,*
454. Operands[6]=0
455. Modified commands[6]=0
456. Scheme name[7]=Code Highlight Xyl
457. Foreground_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,0,0,FF,0
458. Foreground_2[7]=0,0,0,*,800000,0,*,*,0,*,*,0,0,0,0,*
459. Background_1[7]=*,*,*,*,*,*,*,*,*,*,*,*,*,FFFF,FFFF,*
460. Background_2[7]=FFFF00,FF00,*,FF,*,*,*,*,*,*,*,*,*,*,*,*
461. Operands[7]=1
462. Modified commands[7]=1
463. [Fonts]
464. Font name[0]=OEM fixed font
465. Font data[0]=0,0,0,0,0,0,0,0,0,0,0,10
466. Face name[0]=
467. Font name[1]=Terminal 6
468. Font data[1]=9,6,700,0,0,0,255,0,1,1,0,0
469. Face name[1]=Terminal
470. Font name[2]=System fixed font
471. Font data[2]=0,0,0,0,0,0,0,0,0,0,0,16
472. Face name[2]=
473. Font name[3]=Courier (UNICODE)
474. Font data[3]=14,0,400,0,0,0,1,2,5,-2,0,0
475. Face name[3]=Courier New
476. Font name[4]=Lucida (UNICODE)
477. Font data[4]=10,6,400,0,0,0,1,2,5,0,0,0
478. Face name[4]=Lucida Console
479. Font name[5]=Font 5
480. Font data[5]=9,6,700,0,0,0,255,0,1,1,0,0
481. Face name[5]=Terminal
482. Font name[6]=Font 6
483. Font data[6]=0,0,0,0,0,0,0,0,0,0,0,16
484. Face name[6]=
485. Font name[7]=Font 7
486. Font data[7]=14,0,400,0,0,0,1,2,5,-2,0,0
487. Face name[7]=Courier New