You want to do something with all the files, or a selection of files, in the current folder or subfolder? In a Command Prompt or in VBscript this is a little hassle. In PowerShell is this very easy.
At first start your
In this type type the following code:
# collect all files in current folder and subfolders, matching extension .evtx
# to only process the current folder remove the '-Recurse' option
$evtfiles = get-childitem -Filter *.evtx -Recurse
foreach ($evtfile in $evtfiles)
# Display the filename including path to the console
write-host "Scanning" $evtfile.fullname
# Display only the filename to the console
write-host "Scanning" $evtfile.name
# command example with wevtutil (Windows Event Viewer Commandline)
wevtutil qe $evtfile.fullname /lf:true "/q:*[System[(EventID=1085)]]" /f:text
So you can quickly process a certain command to all the files you filtered.
Maybe you have that a problem too, you want to download a fix from Microsoft which was published in the Windows Update but you don’t know anymore where to find it.
There is a solution for this. Go to http://catalog.update.microsoft.com/ and you can search within Windows Update and easy download the patch you need!
You know this? Like to run an VBscript with elevated rights but the User Account Control (UAC) is preventing it. Normally you will open the Command Line as Administrator, and run your script. There is an more easy way to do this.
When you include the following code in your VBscript:
' Windows UAC Settings for this script
'this is at the start of your script
' msgbox or your own program
Msgbox "UAC right now!"
' Force to start with elevated prompt if neccessary on that OS
If UACTurnedOn = True And UAC=True Then
' UAC Enabled
' Returns the running executable as upper case from the last \ symbol
Dim strStartExe, oSh, completearguments, x
' Receive launcher
strStartExe = UCase( Mid( wscript.fullname, instrRev(wscript.fullname, "\") + 1 ) )
' Collect arguments
for x = 0 to wscript.arguments.count - 1
completearguments = completearguments & " """ & wscript.arguments(x) & """"
If Instr(completearguments, "uac") then
' Already launched with uac
' Launch this script in UAC mode
completearguments = completearguments & " uac"
'Msgbox strStartExe & " """ & wscript.scriptfullname & """ " & completearguments
set oSh = CreateObject("Shell.Application")
oSh.ShellExecute strStartExe, """" & wscript.scriptfullname & """ " & completearguments, "", "runas", 1
'oSh.ShellExecute strStartExe, wscript.scriptfullname & " " & completearguments, "runas", 1
Function UACTurnedOn ()
' Check for UAC enabled computer
On Error Resume Next
Set oShell = CreateObject("WScript.Shell")
If oShell.RegRead("HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA") = 0 Then
UACTurnedOn = false
UACTurnedOn = true
You will get the popupbox when you double-click on the script. Maybe you have to change your script a little bit, but it is still nice