Leaving your client pc unprotected form client use is not a good idea. Even if you spend a lot of time locking down windows control panels or blocking access to system folders, there are still a lot of things that can be changed by the customer, even if he does not intend to cause damage.
Some of the things that a customer can change on the client pc:
In order for you to counter the above you would have to:
Even if you succeed in the above, you will still face issues with customers that want to run a game not present on the pc, or make a change (for example to mouse settings).
A simpler way to avoid all the above is to use programs that revert change made by customer, after each reboot. There are a number of apps, free and paid, that can do just that:
All of the above apps basically do the same thing. Revert the PC to the original state, after each system reboot. The only downside to using such an app is that you must disable them in order to make any permanent changes/updates, then re-enable them.
Another way you can protect the client pc is using a network boot solution. This allows you to boot the pc from a network windows image. This has the added benefit that you only have to modify this single image whenever you want to make any changes to the client. On the other hand, it requires high-end hardware to achieve the same speed as of that of a local hard disk.