Malware Dynamic Analysis with Windows Sysinternals - AutoRuns
AutoRuns is a tool bundled in the Sysinternals Suite that is used to view and monitor auto-run processes in Windows.
A quick snapshot of the tool:
AutoRuns detects an entry for xws.exe under the SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key, which is a common persistence mechanism for malware. Malware that adds itself to this registry key survives a reboot, because Windows launches the entries under it each time the user logs on.
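The same registry location can be triaged from PowerShell when AutoRuns is not at hand. The script below is an added example, not part of the original post or of Sysinternals; the extra RunOnce and WOW6432Node keys, the `Get-ImagePath` helper and the user-writable-folder heuristic are assumptions made for illustration.

```powershell
# Added example: triage Run/RunOnce autostart values (HKCU = current user only).
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: pull the executable path out of an autostart command line.
function Get-ImagePath {
    param([string]$CommandLine)
    $cmd = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($cmd -match '^"([^"]+)"')        { return $Matches[1] }   # "C:\a b\x.exe" /arg
    if ($cmd -match '^(.+?\.exe)(\s|$)') { return $Matches[1] }   # C:\a b\x.exe /arg
    return ($cmd -split '\s+')[0]                                  # anything else
}

$results = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $command = [string]$regKey.GetValue($name)
        if ([string]::IsNullOrWhiteSpace($command)) { continue }
        $image = Get-ImagePath -CommandLine $command
        # Bare names such as "rundll32.exe" are resolved through PATH.
        if ($image -notmatch '^([a-z]:|\\\\)') {
            $app = Get-Command -Name $image -CommandType Application -ErrorAction SilentlyContinue |
                Select-Object -First 1
            if ($app) { $image = $app.Path }
        }
        $status = if (Test-Path -LiteralPath $image -PathType Leaf) {
            [string](Get-AuthenticodeSignature -LiteralPath $image).Status
        } else { 'FileNotFound' }
        [pscustomobject]@{
            Key       = $key
            Name      = $name
            Command   = $command
            Image     = $image
            Signature = $status
            # Assumed heuristic: autostart binaries in user-writable folders deserve a look.
            UserWritable = $image -match '\\(AppData|Temp|ProgramData|Users\\Public)\\'
        }
    }
}

# Entries that are unsigned, missing, or in user-writable folders sort to the top.
$results | Sort-Object { $_.Signature -eq 'Valid' -and -not $_.UserWritable } |
    Format-List Key, Name, Command, Image, Signature, UserWritable
```

Run it in the affected user's session so the HKCU keys reflect that account. AutoRuns inspects many more autostart locations than these registry keys, so this complements the tool and does not replace it.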