Why can "find" not be used in PowerShell?

Try:

find /i "`"System.Diagnostics.Process`"" *.ps1xml

I used Sysmon.exe to compare the executions in PowerShell.exe and cmd.exe:

For cmd.exe:

 Image: C:\Windows\System32\find.exe
 CommandLine: find  /i "System.Diagnostics.Process" *.ps1xml
 ParentImage: C:\Windows\System32\cmd.exe

For PowerShell:

 Image: C:\Windows\System32\find.exe
 CommandLine: "C:\Windows\system32\find.exe" /i System.Diagnostics.Process *.ps1xml
 ParentImage: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

we can see that in PowerShell, the quotes around the search-term are missing, so by adding another set of double-quotes it should work.


TL;DR:

Escape the double quotes or put the string inside single quotes

find.exe /i "`"System.Diagnostics.Process`"" *.ps1xml
find.exe /i """System.Diagnostics.Process""" *.ps1xml
find.exe /i '"System.Diagnostics.Process"' *.ps1xml
find.exe /i `"System.Diagnostics.Process`" *.ps1xml

or use verbatim arguments

find.exe --% "System.Diagnostics.Process" *.ps1xml

As Peter Hahndorf said, PowerShell is stripping the outer quotes. See PowerShell stripping double quotes from command line arguments. You can check it by echoing or writing the string directly in command line

PS C:\> echo C:\Windows\System32\find.exe /i "System.Diagnostics.Process" *.ps1xml
C:\Windows\System32\find.exe
/i
System.Diagnostics.Process
*.ps1xml
PS C:\> "System.Diagnostics.Process"
System.Diagnostics.Process

IMHO it's a good thing because now you can use single quotes to wrap strings. You also have a standardized way to pass special characters in parameters similar to bash, unlike in cmd where embedded double quotes are a pain

According to PowerShell quoting rule you must escape the quote by either `backticks` or the double quote itself, or simply put it in single quotes like above

In simple cases like this when there's no space in the parameter you can also escape the double quotes directly without putting it inside another pair of quotes

find.exe /i `"System.Diagnostics.Process`" *.ps1xml

However there's an easier way with Verbatim arguments --%

In PowerShell 3.0 the special marker --% is a signal to PowerShell to stop interpreting any remaining characters on the line. This can be used to call a non-PowerShell utility and pass along some quoted parameters exactly as is.

As a result you can use it like this

find.exe --% "System.Diagnostics.Process" *.ps1xml

Or if you don't need Unicode support then you can simply find with findstr which doesn't need the quotes

PS C:\Users> help | findstr command
    topics at the command line.
    The Get-Help cmdlet displays help at the command line from content in

But if PowerShell is available then you can use its Select-String cmdlet directly. It's much more powerful than find and findstr