Registry blocking rules prevent users and unauthorized programs from
altering, opening, or deleting specified registry keys and values.
Note: When creating a registry blocking rule, use the best matching
hive registry subtree abbreviation. For example, to block
HKLM\System\CurrentControlSet\Services\MyService,
choose the HKCCS hive rather than HKLM.