Alright, so like u2desire420 said, 'mshta.exe' is not a virus, and it is a legitimate Microsoft Executable, but I myself have had this same pop-up occur, and decided to do some deeper investigation into it.
I see from your screenshot that you opened the Task Manager to look into the task that was running, and I did the same thing, you just needed to go one step further. Expand that particular running task and you will see a file with a file-path that leads here: C:\Users\USERNAME\AppData\Local\{INSERT_RANDOM_HEXKEY_HERE}. The file in question that is causing the pop-up is in that directory, and is named 'setup.log'. That is what is using 'mshta.exe' to cause these pop-ups. I tried deleting the entire folder, and thought that this would solve the problem. But a couple of weeks later, it reappeared. I tried running MBAM, and that did not pick up on the new offending file, so I dug a little deeper.
Pay attention to about the time that the pop-up occurred. I just so happened to be up on my computer around 1am, and that's right around when the pop-up showed up. I checked in the Task Scheduler and looked for any task scheduled to run around that same time. I found this task: http
/imgur.com/Hi2yuXa. It's scheduled to run at 1:03am. Double-click the task to see the details. Hop over to the 'Actions' tab and you will see this: http
/imgur.com/a/3Yd5u. It's referencing a file located at: C:\Users\USERNAME\AppData\Roaming\UpdateTask\SyncTask.exe.
I believe that if you delete the file located at C:\Users\USERNAME\AppData\Local\{INSERT_RANDOM_HEXKEY_HERE}, and the folder located at C:\Users\USERNAME\AppData\Roaming\UpdateTask, as well as removing the task from the Task Scheduler, you will be rid of your problem. I must admit that I cannot guarantee it because I have only just deleted mine, although I have not had the pop-up return yet.
Let me know what you find out.
Facebook
Twitter