Trace all events of network, file system, peripheral, kernel object(process,thread) in windows. These is valuable for analyze some problems that's happened in windows. Example(above windows 8): 1.Open bittrace to captures the events in windows. 2.Execute command: bcdedit /set bootmenupolicy legacy 3.Check the Set reg value events 4.Will find the registry path for the bootmenupolicy configuration.
Windows Server 2008