Q. Is there a way with PowerShell to check on a registry key/file and if it changes set it back?

Q. Is there a way with PowerShell to check on a registry key/file and if it changes set it back?

A. There are many ways to achieve this. Below is a very basic example that simply does a check once a minute for a registry value and if it is not the required value it is set back:

$key = 'HKLM:SOFTWAREMicrosoftWindows NTCurrentVersionWinlogon'while ($true){    #Check the registry value for AutoAdminLogon    $AutoAdminLogon = (Get-ItemProperty -Path $key -Name AutoAdminLogon).AutoAdminLogon    if ($AutoAdminLogon -eq "0")    {        $timenow = [datetime]::Now        Write-Output "$timenow - AutoAdminLogon is 0"        #Enable the AutoAdminLogon        Set-ItemProperty -Path $key -Name AutoAdminLogon -Value "1"        Set-ItemProperty -Path $key -Name DefaultUsername -Value "localadmin"        Set-ItemProperty -Path $key -Name DefaultPassword -Value "Password"    }    #Now wait a minute before checking again    Start-Sleep -Seconds 60}

Note that another approach rather than reading the registry key would be to setup a subscription to be notified if the key changed which is documented at https://msdn.microsoft.com/en-us/library/aa393035(v=vs.85).aspx. The same approach could also be used to check for files or really anything else.