Analyzing Offline Systems
You can use Autoruns to analyze the autostart configuration of offline systems, something that can be useful for malware analysis and cleaning. To analyze an offline system, open the offline-system browse dialog by selecting File|Analyze Offline System. Specify the path to the system root (e.g. \Windows) directory of the system you wish to examine. You can also specify the location of an associated off-line user profile to examine by entering the path to the top-level directory of the user profile (e.g. \users\joe).
Note that Autoruns will only show correct file information for autostart paths that are on the same volume as the system volume.