Process 가 최초 실행된 시작 시간을 확인할 수 있는 방법이 있을까요? 유틸리티를 통해서 확인할 수 있는 방법도 있겠지만 Windows 운영체제에서 제공하는 WMIC(Windows Management Instrumentation Command-line) 를 사용하여 간단히 확인할 수 있는 방법이 있습니다. tasklist 또는 pstools 에서 제공하는 유틸리티를 사용하지 않고도 process 상태에 대한 다양한 정보를 쿼리하여 확인할 수 있습니다.
[실행명령]
1. caption - 프로세스 이름
2. processid - PID
3. parentprocessid - 부모 프로세스 PID
4. creationdate - 프로세스 생성 시간
* 이외 추가적인 Win32_Process 의 WMI Class 목록은 참고자료 링크를 확인하시기 바랍니다.
[실행명령]
C:\> wmic path win32_process get caption, processid, parentprocessid,creationdate
1. caption - 프로세스 이름
2. processid - PID
3. parentprocessid - 부모 프로세스 PID
4. creationdate - 프로세스 생성 시간
* 이외 추가적인 Win32_Process 의 WMI Class 목록은 참고자료 링크를 확인하시기 바랍니다.
[실행결과]
[참고자료]
Caption CreationDate ParentProcessId ProcessId
System Idle Process 0 0
System 20110212194809.989611+540 0 4
smss.exe 20110212194810.052011+540 4 276
csrss.exe 20110212194814.529219+540 360 368
wininit.exe 20110212194815.948821+540 360 436
csrss.exe 20110212194815.964421+540 428 460
services.exe 20110212194816.026822+540 436 484
lsass.exe 20110212194816.058022+540 436 508
lsm.exe 20110212194816.058022+540 436 516
winlogon.exe 20110212194816.198422+540 428 588
svchost.exe 20110212194816.323222+540 484 672
nvvsvc.exe 20110212194816.494822+540 484 736
svchost.exe 20110212194816.588422+540 484 776
svchost.exe 20110212194816.744423+540 484 868
svchost.exe 20110212194816.900423+540 484 900
svchost.exe 20110212194816.916023+540 484 924
svchost.exe 20110212194817.836425+540 484 372
svchost.exe 20110212194818.039225+540 484 428
spoolsv.exe 20110212194819.155627+540 484 1184
svchost.exe 20110212194819.235628+540 484 1216
nvvsvc.exe 20110212194819.415628+540 736 1316
AppleMobileDeviceService.exe 20110212194819.655628+540 484 1336
mDNSResponder.exe 20110212194821.197639+540 484 1408
svchost.exe 20110212194821.357640+540 484 1500
IMEDICTUPDATE.EXE 20110212194821.367640+540 484 1532
npkcmsvc.exe 20110212194821.657640+540 484 1600
npstartersvc.exe 20110212194821.697640+540 484 1640
sqlwriter.exe 20110212194821.797640+540 484 1680
WUDFHost.exe 20110212194825.048845+540 900 2008
svchost.exe 20110212195024.654255+540 484 1732
SearchIndexer.exe 20110212195025.293856+540 484 1036
taskhost.exe 20110212201505.783257+540 484 2772
dwm.exe 20110212201505.845657+540 900 3044
explorer.exe 20110212201505.892457+540 2844 2380
daemon.exe 20110212201506.594458+540 2380 2148
ONENOTEM.EXE 20110212201506.688058+540 2380 1236
audiodg.exe 20110212201506.828459+540 868 1056
iTunesHelper.exe 20110212201507.031259+540 1328 1052
communicator.exe 20110212201507.031259+540 1328 2076
iPodService.exe 20110212201509.370073+540 484 2532
OUTLOOK.EXE 20110212201516.702086+540 2380 800
OSPPSVC.EXE 20110212201519.666091+540 484 2168
iexplore.exe 20110212201616.668591+540 2380 3488
iexplore.exe 20110212201616.949392+540 3488 3544
atbsvc.exe 20110212201618.010194+540 672 3632
FlashUtil10m_ActiveX.exe 20110212201619.956598+540 672 3852
wmplayer.exe 20110212201626.971982+540 3488 2256
iexplore.exe 20110212201945.491337+540 3488 2584
iexplore.exe 20110212201948.751523+540 3488 2840
OSE.EXE 20110212202017.109145+540 484 3656
cmd.exe 20110212202036.243240+540 2380 2852
conhost.exe 20110212202036.258241+540 460 2836
WmiPrvSE.exe 20110212202311.789137+540 672 2744
WMIC.exe 20110212202318.098497+540 2852 3428
System Idle Process 0 0
System 20110212194809.989611+540 0 4
smss.exe 20110212194810.052011+540 4 276
csrss.exe 20110212194814.529219+540 360 368
wininit.exe 20110212194815.948821+540 360 436
csrss.exe 20110212194815.964421+540 428 460
services.exe 20110212194816.026822+540 436 484
lsass.exe 20110212194816.058022+540 436 508
lsm.exe 20110212194816.058022+540 436 516
winlogon.exe 20110212194816.198422+540 428 588
svchost.exe 20110212194816.323222+540 484 672
nvvsvc.exe 20110212194816.494822+540 484 736
svchost.exe 20110212194816.588422+540 484 776
svchost.exe 20110212194816.744423+540 484 868
svchost.exe 20110212194816.900423+540 484 900
svchost.exe 20110212194816.916023+540 484 924
svchost.exe 20110212194817.836425+540 484 372
svchost.exe 20110212194818.039225+540 484 428
spoolsv.exe 20110212194819.155627+540 484 1184
svchost.exe 20110212194819.235628+540 484 1216
nvvsvc.exe 20110212194819.415628+540 736 1316
AppleMobileDeviceService.exe 20110212194819.655628+540 484 1336
mDNSResponder.exe 20110212194821.197639+540 484 1408
svchost.exe 20110212194821.357640+540 484 1500
IMEDICTUPDATE.EXE 20110212194821.367640+540 484 1532
npkcmsvc.exe 20110212194821.657640+540 484 1600
npstartersvc.exe 20110212194821.697640+540 484 1640
sqlwriter.exe 20110212194821.797640+540 484 1680
WUDFHost.exe 20110212194825.048845+540 900 2008
svchost.exe 20110212195024.654255+540 484 1732
SearchIndexer.exe 20110212195025.293856+540 484 1036
taskhost.exe 20110212201505.783257+540 484 2772
dwm.exe 20110212201505.845657+540 900 3044
explorer.exe 20110212201505.892457+540 2844 2380
daemon.exe 20110212201506.594458+540 2380 2148
ONENOTEM.EXE 20110212201506.688058+540 2380 1236
audiodg.exe 20110212201506.828459+540 868 1056
iTunesHelper.exe 20110212201507.031259+540 1328 1052
communicator.exe 20110212201507.031259+540 1328 2076
iPodService.exe 20110212201509.370073+540 484 2532
OUTLOOK.EXE 20110212201516.702086+540 2380 800
OSPPSVC.EXE 20110212201519.666091+540 484 2168
iexplore.exe 20110212201616.668591+540 2380 3488
iexplore.exe 20110212201616.949392+540 3488 3544
atbsvc.exe 20110212201618.010194+540 672 3632
FlashUtil10m_ActiveX.exe 20110212201619.956598+540 672 3852
wmplayer.exe 20110212201626.971982+540 3488 2256
iexplore.exe 20110212201945.491337+540 3488 2584
iexplore.exe 20110212201948.751523+540 3488 2840
OSE.EXE 20110212202017.109145+540 484 3656
cmd.exe 20110212202036.243240+540 2380 2852
conhost.exe 20110212202036.258241+540 460 2836
WmiPrvSE.exe 20110212202311.789137+540 672 2744
WMIC.exe 20110212202318.098497+540 2852 3428
[참고자료]
http://technet.microsoft.com/ko-kr/library/cc784189(WS.10).aspx
Win32_Process Class
http://msdn.microsoft.com/en-us/library/aa394372(v=vs.85).aspx
작성자 : Lai Go / 작성일자 : 2011.02.12
