For example with SysInternals Process Explorer I can briefly see a process popping up, I even see the window on-screen for half a second, but I can't figure out which tool or method to use to catch it and get its process info.
This is for a class, not help for some actual virus. We're supposed to research the answers for ourselves but as you can imagine results for "popup" are crowded with help articles for general users. I'm looking for a security analyst approach. I'm open to using sysinternals or just powershell.
When I ask instructors about a way to systematically catch the process I'm told to just watch the process list and right click it fast. This seems like an amateur approach to the problem.