I have a client who had a scareware event with a threatening dialog that offered a number to call to "help him". I disinfected, as I normally do, with Adwcleaner, Malwarebytes, and Hitmanpro64, which usually does a nice job eradicating the beasts. Another has appeared that seems familiar, and so I'm concerned that I might have missed something The dialog, which my client sent me, and I didn't myself experience, is attached.
My question is how can I find the source of that dialog, or others of that ilk, and know that I've removed it, or not, using the above system or another.
Your insights are appreciated.