Your problem is, that you are adjusting a Shell Policy. Before it is applied, the shell must be restarted.

Try this:
code:
.
.
.
Else
   $Ret=WriteValue("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum","{20D04FE0-3AEA-1069-A2D8-08002B30309D}","1","REG_DWORD")
   $Ret=FindProc("Explorer.exe",,1)
EndIf
Exit
  
;*** FindProc, curtesy Radimus
FUNCTION FindPROC($PROC,optional $COMPUTER, optional $terminate)
  dim $GetObject, $Select
  if not $computer $computer=@wksta endif
  $GetObject="winmgmts:{impersonationLevel=impersonate}!//$COMPUTER"
  $select="select * from Win32_Process where Name='$PROC'"
  For each $Process in GetObject("$GetObject").ExecQuery("$select")
    if $terminate $Ret=$Process.Terminate endif
    $FindPROC=$Process.ProcessId
  Next
ENDFUNCTION
Note that the user might not have write privilege to write in Local Machine, and is not needed.

And btw, Yes it can be done with a Policy (you have to write the adm template yourself, though).

Best regards