Okay, I'm getting tired of answering this question but I have to admit that there is relatively little technical information out there on it.  The most common requests I get for MOM scripts are for things like monitoring if a process is running, if a file gets created, if a registry key gets changed, etc.  Essentially, these are to monitor some action on the computer that we can't detect through standard MOM providers.

Most of the time, monitoring these actions does not require a script.  They can be handled with a relatively simple WMI provider.  This is far more efficient than script - easier to create, less overhead on the agent, and way more responsive.  Rather than running a script every few minutes to figure out if a process is running for example, I can have a WMI notification tell me when the process terminates.  Rather then regularly checking if some file exists, I can have a WMI notification tell me when it gets created.

I have a document that I wrote on this that includes an overview of WMI, methods for writing and testing WMI queries, and a bunch of examples.  Have a look.