Malware Dynamic Analysis with Windows Sysinternals - AutoRuns

AutoRuns is a tool bundled with the Sysinternals suite that is used to view and monitor auto-run processes in Windows.


A Quick Snap of the tool:

AutoRuns detects that a file named xws.exe is registered under the SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key, which is a common persistence mechanism for malware. In this case, malware that adds itself to this registry key survives a reboot.
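
The Run key entries that AutoRuns shows can also be listed from PowerShell. The script below is an added example, not part of the original post: it reads each value under the Run key, resolves the executable it points to, and checks that file's Authenticode signature. The choice of hives (HKLM, HKCU and the WOW6432Node view), the `Get-ImagePath` helper and the user-writable-path heuristic are assumptions of this example.

```powershell
# Added example. Hives checked are an assumption: the page names only the subkey.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# Hypothetical helper: extract the executable path from a Run value's command line.
function Get-ImagePath {
    param([string]$Command)
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($cmd -match '^"([^"]+)"') { $path = $Matches[1] }              # quoted path
    elseif ($cmd -match '^(.+?\.(exe|com|scr|bat|cmd))(\s|$)') { $path = $Matches[1] }  # unquoted, may contain spaces
    else { $path = ($cmd -split '\s+')[0] }
    # Bare names such as "rundll32.exe" are resolved through PATH.
    if ($path -and $path -notmatch '^([A-Za-z]:|\\\\)') {
        $found = Get-Command $path -CommandType Application -ErrorAction SilentlyContinue |
                 Select-Object -First 1
        if ($found) { $path = $found.Path }
    }
    return $path
}

$entries = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $command = [string]$regKey.GetValue($name)
        $image   = Get-ImagePath $command
        $onDisk  = $image -and (Test-Path -LiteralPath $image -PathType Leaf)
        $status  = if ($onDisk) { [string](Get-AuthenticodeSignature -LiteralPath $image).Status }
                   else { 'FileMissing' }
        [pscustomobject]@{
            Key       = $key
            Name      = $name
            Image     = $image
            Signature = $status
            # Triage heuristic (assumption): autostart images in user-writable paths deserve a look.
            UserPath  = [bool]($image -match '\\(AppData|Temp|ProgramData|Users\\Public)\\')
        }
    }
}

# All entries first, then the subset to review: not validly signed, or run from a user-writable path.
$entries | Format-Table Name, Signature, UserPath, Image -AutoSize
$entries | Where-Object { $_.Signature -ne 'Valid' -or $_.UserPath } | Format-List
```

A `FileMissing` result means the value points at a path that no longer exists, which is worth noting during analysis because the entry outlived its target.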