<div>
You can pull the Operating System install date from WMI.<br />
<br />
In the \\root\cimv2 namespace look at the InstallDate from this query:<br />
<br />

<pre><code class="code-1 nolinks" id="code-20-39890051-1"><span>select * from Win32_OperatingSystem</span>
</code></pre>
<br />
You can run 'wbemtest' to test this query through the WMI Tester UI.
</div>


<div>
Gives me the O.S. name and drive partition installed on but not date drive was imaged. See attached.<br />
<a href="https://filedb.experts-exchange.com/incoming/2014/02_w09/837060/wbemtest.bmp" target="_blank" class="file-inline" title="'wbemtest' test results (576 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>wbemtest.bmp</a>
</div>


wbemtest.bmp

<div>
Gives me the O.S. name and drive partition installed on but not date drive was imaged. See attached.
</div>


<div>
I would think you only will see when machine was first started. Event viewer?
</div>


<div>
Event Viewer has most likely overwritten that event.<br />
<br />
From the screenshot you included double-click on that line, that should give you the properties.
</div>


<div>
You could also run systeminfo at a command prompt and see. &nbsp;It'll be at the top, so if it gets lost above the hotfix info then do 'systeminfo | more'.
</div>


<div>
with powershell<br />
PS G:\Documents\WindowsPowerS<wbr />hell\Scrip<wbr />ts&gt; gwmi win32_operatingsystem | select installdate | fl<br />
installdate : 20130913083114.000000-240<br />
<br />
you can use the -computername <br />
<br />
S G:\Documents\WindowsPowerS<wbr />hell\Scrip<wbr />ts&gt; gwmi win32_operatingsystem -ComputerName . | select installdate | fl<br />
for other computers
</div>


<div>
If you know what the event ID would be for system imaging or re-image then I can try to search for it. Some of these systems where image months or even years ago. <br />
<br />
When I double-click on the query results I get tons of property information, but no image or re-imaging date.
</div>


<div>
I can run C:\&gt; Systeminfo | find /i &quot;install date&quot; , but this gives me the date of the O.S. in the &nbsp;image file that was installed on the computer, not the date the computer was imaged.
</div>


<div>
The Powershell command also give you the date of the O.S. in the &nbsp;image file that was installed on the computer, not the date the computer was imaged. <br />
<br />
PS G:\Documents\WindowsPowerS<wbr />hell\Scrip<wbr />ts&gt; gwmi win32_operatingsystem | select installdate | fl
</div>


<div>
Probably not going to be able to access this info from the O.S., since the entire O.S. itself has been over-written with a new image. I'm thinking that I'm going to need to get this information from the system bios or the hard drive controller. Something that is flagged or changed when the O.S. has been changed.
</div>


<div>
I think you are correct, the only way I can determine the date a computer was imaged or re-imaged is by using the catalog or reports from the computer that does the imaging. ie: Symantec Ghostcast Server or Fog imaging server.
</div>


<div>
<div class="content wysiwyg-content">
Is there a way to determine the date a computer has been imaged or re-imaged?
</div>
</div>


Is there a way to determine the date a computer has been imaged or re-imaged?

Date a computer has been imaged or re-imaged?

A desktop computer is a personal computer designed for use at a single location due to its size and power requirements, usually by one person. The most common configuration has a case that houses the power supply, motherboard, disk storage (usually one or more hard disk drives and optical disc drives); a keyboard and mouse for input; and computer monitor and printer for output. The case may be oriented horizontally and placed atop a desk or vertically and placed underneath or beside a desk.

Desktops

The Microsoft Legacy Operating System topic includes legacy versions of Microsoft operating systems prior to Windows 2000: All versions of MS-DOS and other versions developed for specific manufacturers and Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions, and Windows Mobile.

Microsoft Legacy OS

Microsoft Windows XP is the sixth release of the NT series of operating systems, and was the first to be marketed in a variety of editions: XP Home and XP Professional, designed for business and power users. The advanced features in XP Professional are generally disabled in Home Edition, but are there and can be activated. There were two 64-bit editions, an embedded edition and a tablet edition.

Windows XP

Windows 7 is an operating system from Microsoft. Features include multi-touch support, a redesigned Windows Shell with a new taskbar, referred to as the Superbar, a home networking system called HomeGroup, and performance improvements.

Windows 7

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.