Don't know for sure, but this looks like an "epoch" type value.

E.g. the number of milliseconds, microseconds, or even nanoseconds after some "epoch" in time.

It'd be fun to play with to figure out, but a pain if you're in a hurry.

Just a quick look at converting that value into a "number" - it's huge. So it's probably nanoseconds. Now, the fun is trying to figure out the epoch.

If you know the actual date the reg_qword is supposed to be (like you know it was set to yesterday), you could do some subtraction - I'd suggest dividing out the nanoseconds, get to seconds, and subtract the value from the known date/time. Usually the epoch values are midnight of January 1 of some year (e.g. Jan 1, 1801, 00:00:00am)... So if the subtraction gets you close to something like that you know you're on the right track.

HTH,
-Charlie


On 4/28/2015 7:10 AM, Chris Davis wrote:
Hi All

I am trying to convert this time stamp in the registry to a real date and time 
... any ideas ..

1d07b6bd878cf84

It is down as a REG_QWORD value.

Thanks

Chris.
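
The subtraction approach from the reply, applied to the value in the question, as an added example that is not part of either message. It assumes the value was written around the date of the thread, tries several tick sizes, and keeps those whose implied epoch lands near a January 1; only 100 ns ticks from 1601 fit, which is the Windows FILETIME layout, so the second function decodes the value on that basis.

```python
from datetime import datetime, timedelta, timezone

RAW = "1d07b6bd878cf84"  # REG_QWORD value quoted in the question
# Assumption: the value was written close to the date of the thread.
KNOWN = datetime(2015, 4, 28, tzinfo=timezone.utc)
# Candidate tick sizes, in seconds per tick.
UNITS = {"1 ns": 1e-9, "100 ns": 1e-7, "1 us": 1e-6, "1 ms": 1e-3, "1 s": 1.0}


def guess_epoch(raw_hex, known, slack_days=30):
    """Return (unit, year) pairs whose implied epoch is near a Jan 1 midnight."""
    ticks = int(raw_hex, 16)
    slack = timedelta(days=slack_days)
    hits = []
    for unit, secs_per_tick in UNITS.items():
        try:
            implied = known - timedelta(seconds=ticks * secs_per_tick)
        except OverflowError:
            continue  # epoch would fall before year 1: unit is implausible
        # The nearest Jan 1 is either this year's or next year's.
        for year in (implied.year, implied.year + 1):
            jan1 = datetime(year, 1, 1, tzinfo=timezone.utc)
            if abs(implied - jan1) <= slack:
                hits.append((unit, year))
    return hits


def filetime_to_utc(raw_hex):
    """Decode a Windows FILETIME: 100 ns ticks since 1601-01-01 00:00 UTC."""
    ticks = int(raw_hex, 16)
    epoch = datetime(1601, 1, 1, tzinfo=timezone.utc)
    # datetime resolves microseconds, so the last decimal digit is dropped.
    return epoch + timedelta(microseconds=ticks // 10)


if __name__ == "__main__":
    print(guess_epoch(RAW, KNOWN))
    print(filetime_to_utc(RAW).isoformat())
```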
