A customized script to prevent showing data from the memory, an anti-forensic technique to combat against memory forensic.
#The Script
@echo off
fsutil behavior query memoryusage
fsutil behavior set memoryusage 2
%windir%\system32\rundll32.exe advapi32.dll,ProcessIdleTasks
bcdedit /set increaseuserva 8000
Del /S /F /Q %temp%
Del /S /F /Q %Windir%\Temp
bcdedit /set disabledynamictick yes
bcdedit /set useplatformtick yes
bcdedit /set useplatformclock false
REG add "HKCU\Control Panel" /v ForegroundLockTimeout /t REG_DWORD /d 0 /f
REG add "HKCU\Control Panel" /v MenuShowDelay /t REG_SZ /d 100 /f
REG add "HKLM\SYSTEM\CurrentControlSet\Control" /v WaitToKillServiceTimeout /t REG_SZ /d 5000 /f
fsutil behavior set memoryusage 2 (Setting memoryusage to 2 raises the limit of paged pool memory. This might improve performance if your system is opening and closing many files in the same file set and is not already using large amounts of system memory for other apps or for cache memory).
bcdedit /set increaseuserva 8000 (Note: The value varies depending on your RAM (for e.g. if you have 16GB of RAM the value would be 16000)
Del /S /F /Q %temp% (This will clear the Userprofile Temp folder)
Del /S /F /Q %Windir%\Temp (This will clear the Windows temp folder)
bcdedit /set disabledynamictick yes (This command forces the kernel timer to constantly poll for interrupts instead of wait for them).
bcdedit /set useplatformtick yes (This command forces the clock to be backed by a platform source, no synthetic timers are allowed)
bcdedit /set useplatformclock false (TSC is reliable and will give you the lowest latency and highest fps)
Note: Whenever the script will be executed it will clear the page memory, cache, temporary files, background processes, and idle processes
#End of File