[Feature]: Background Activity Moderator

### Problem statement
BAM is a Windows service introduced in Windows 10 that tracks application execution times and helps Windows manage background applications' resource consumption.

`HKLM\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings`

I found the forensics artifact here https://github.com/MHaggis/PowerShell-Hunter/blob/e80c2bba2a5307cbd0a49047629ff9f391b8d917/BAM/get-BAM.ps1#L57
Please, add the regedit path to `privacy cleanup` section.


### Proposed solution

However, access is denied when you try to purge it via `regedit` or `reg delete "HKLM\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-12345-1001"`. I had to elevate privileges to `nt authority\system` by running `PsExec64.exe -s -i cmd.exe` and then `reg delete ...`.

### Alternatives considered

_No response_

### Additional information

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

[Feature]: Background Activity Moderator #550

Problem statement

Proposed solution

Alternatives considered

Additional information

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

[Feature]: Background Activity Moderator #550

Description

Problem statement

Proposed solution

Alternatives considered

Additional information

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions