Autorunsc is a tool from Windows Sysinternals that lets you view all services configured to run as part of the system startup. It can be grabbed here: https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns
The tool needs to be run on a live system, and can be run as so:
autorunsc.exe -accepteula -a * -s -h -c > autoruns-results.csv
Open the file in Excel, sort by the “Signer” column and filter for all non-verified vendors and ones you aren’t familiar with. Then look through Image Path, Launch String and Entry Location columns for anything suspicious.