1.4

Cargo.toml

@@ -1,10 +1,19 @@
 [package]
 name = "W11Boost"
-version = "1.3.0"
+version = "1.4.0"
 edition = "2024"
 build = "build.rs"
 authors = ["felikcat"]
 
+[package.metadata.winres]
+CompanyName = "felikcat"
+FileDescription = "https://github.com/felikcat/W11Boost"
+FileVersion = "1.4.0.0"
+LegalCopyright = "© 2024 felikcat, AGPL3 License"
+OriginalFilename = "W11Boost.exe"
+ProductName = "W11Boost"
+ProductVersion = "1.4.0.0"
+
 # Optimize for size.
 [profile.release]
 strip = true
@@ -52,13 +61,4 @@ features = [
 ]
 
 [build-dependencies]
-winres = "0.1.12"
-
-[package.metadata.winres]
-CompanyName = "felikcat"
-FileDescription = "https://github.com/felikcat/W11Boost"
-FileVersion = "1.3.0.0"
-LegalCopyright = "© 2024 felikcat, AGPL3 License"
-OriginalFilename = "W11Boost.exe"
-ProductName = "W11Boost"
-ProductVersion = "1.3.0.0"
+winres = "0.1.12"

README.adoc

@@ -11,8 +11,22 @@ endif::[]
 
 image:W11Boost_GUI.png[480,360]
 
-W11Boost currently globally changes settings. It's not meant for shared computers, as it will change settings that may not be suitable for other users.
-Although, the default checkbox selection is safe for most users as it is as close to stock unmodified Windows as possible without being ineffective.
+W11Boost globally changes settings. It's not meant for shared computers. Despite this, the default checkbox selection is safe for most users as it is as close to stock unmodified Windows as possible without being ineffective.
+
+.Features that stick out:
+- All changes are easily revertable through the Group Policy Editor.
+** To quickly remove all changes by W11Boost, delete `C:\Windows\System32\GroupPolicy\Machine\Registry.pol` and `C:\Windows\System32\GroupPolicy\User\Registry.pol`, then reboot.
+- A focus on being non-intrusive. For example, we don't disable syncing to a Microsoft account, instead we suggest an alternative if that is desired.
+
+- "Disable Defender and Smartscreen" being a replacement for Sordum's Defender Control v2.1, the prior best tool for the job.
+
+- Optional anti-forensics.
+
+- A way to disable sleep and hibernation fully for specific use cases.
+
+- Windows Store and WinGet installers, aimed towards LTSC builds that lack both by default.
+
+- Written in Rust instead of PowerShell or Batch, meaning it is more predictable and robust.
 
 == 1. If not using Enterprise or LTSC or Education, convert the Windows edition to Education
 
@@ -32,16 +46,16 @@ Although, the default checkbox selection is safe for most users as it is as clos
 - Only Windows 10 version 1803 and newer are officially supported.
 - The near guarantee of breaking no program or app is only for the default selection of checkboxes.
 
-- "Reduce local data collection" is very aggressive, it compromises security for ultimate privacy. It will make forensics on your computer difficult.
-
-- "Reduce online data collection" will change how you use Windows; this also affects the security of Windows.
+- "Reduce local data collection" won't change how you use Windows.
 
 - Installing the Microsoft Store and .appx support is generally for LTSC builds of Windows, but works on any edition regardless.
 
-- "Disable Defender and Smartscreen" is a replacement for Sordum's Defender Control v2.1.
+- "Reduce online data collection" will change how you use Windows.
 
 - "Disable Virtualization Based Security" is meant to boost FPS in games and especially make VMs (VirtualBox & VMWare) run faster.
 
+. If you wish to reduce the amount of network traffic to and from Microsoft, use https://github.com/henrypp/simplewall[simplewall].
+
 . Install https://winaerotweaker.com/[Winaero Tweaker] to set personal preferences.
 
 . Download https://github.com/beatcracker/toptout/archive/refs/heads/master.zip[toptout] and open PowerShell as administrator:

src/common.rs

@@ -300,7 +300,7 @@ pub fn center() -> (i32, i32) {
 }
 
 pub fn init_registry_gpo(
-    hkey: windows::Win32::System::Registry::HKEY,
+    mut hkey: windows::Win32::System::Registry::HKEY,
 ) -> Result<(windows::Win32::System::Registry::HKEY, IGroupPolicyObject), Box<dyn Error>> {
     unsafe {
         // The apartment thread model is required for GPOs.

src/gui.rs

@@ -138,7 +138,7 @@ pub fn draw_gui() -> Result<(), Box<dyn Error>> {
         checkbox.set_label_font(enums::Font::by_name(&font));
         checkbox.set_label_size(16);
     }
-    let hklm_safe = HKEY::HKEY_LOCAL_MACHINE
+
     my_checkboxes[2].set_value(true);
     my_checkboxes[8].set_value(true);
 

src/gui/disable_defender_and_smartscreen.rs

@@ -2,20 +2,20 @@ use crate::common::*;
 //use fltk::dialog;
 use windows::{core::w, Win32::System::{GroupPolicy::IGroupPolicyObject, Registry::{HKEY, HKEY_LOCAL_MACHINE}}};
 use std::error::Error;
-//use winsafe::{HKEY as SAFE_HKEY, prelude::advapi_Hkey};
+//use winsafe::{HKEY as HKEY_SAFE, prelude::advapi_Hkey};
 
 pub fn run() -> Result<(), Box<dyn Error>> {
     let (hklm, gpo_hklm): (HKEY, IGroupPolicyObject) = init_registry_gpo(HKEY_LOCAL_MACHINE)?;
     /* Not necessary, for now.
-    let hklm = SAFE_HKEY::LOCAL_MACHINE;
+    let hklm_safe = HKEY_SAFE::LOCAL_MACHINE;
     let tamper_disabled = check_dword(
-        &hklm,
+        &hklm_safe,
         r"SOFTWARE\Microsoft\Windows Defender\Features",
         "TamperProtection",
         4,
     )?;
     let realtime_disabled = check_dword(
-        &hklm,
+        &hklm_safe,
         r"SOFTWARE\Microsoft\Windows Defender\Real-Time Protection",
         "DisableRealtimeMonitoring",
         1,

src/gui/reduce_forensics.rs

@@ -4,6 +4,11 @@ use windows::{core::w, Win32::System::{GroupPolicy::IGroupPolicyObject, Registry
 
 use crate::common::*;
 
+/* Ignored for security reasons:
+    - PowerShell module logging
+    - Event Viewer
+*/
+
 pub fn run() -> Result<(), Box<dyn Error>> {
     let (hklm, gpo_hklm): (HKEY, IGroupPolicyObject) = init_registry_gpo(HKEY_LOCAL_MACHINE)?;
     let (hkcu, gpo_hkcu): (HKEY, IGroupPolicyObject) = init_registry_gpo(HKEY_CURRENT_USER)?;
@@ -242,14 +247,6 @@ pub fn run() -> Result<(), Box<dyn Error>> {
         1,
     )?;
 
-    // Disable Event Logging.
-    set_string_gpo(
-        hklm,
-        w!(r"SYSTEM\CurrentControlSet\Services\EventLog"),
-        w!("Start"),
-        w!("4"),
-    )?;
-
     // Disable File History.
     set_dword_gpo(
         hklm,
@@ -258,14 +255,6 @@ pub fn run() -> Result<(), Box<dyn Error>> {
         1,
     )?;
 
-    // Disable PowerShell module logging.
-    set_dword_gpo(
-        hklm,
-        w!(r"SOFTWARE\Policies\Microsoft\Windows\PowerShell\ModuleLogging"),
-        w!("EnableModuleLogging"),
-        0,
-    )?;
-
     save_registry_gpo(hklm, gpo_hklm)?;
     save_registry_gpo(hkcu, gpo_hkcu)?;