My Firewall/Process Monitor shows an alert saying that Trojan Remover wants to create a service called TRDUMMYnn (where nn are random numbers). Is it safe to allow this?

Yes, you should allow this action. TRDUMMYnnn is part of Trojan Remover's routines to check for stealthed (rootkit) drivers. Basically, Trojan Remover writes a dummy service entry to the registry, just to confirm that it has write access. The entry is immediately deleted. You should instruct your Firewall/Process Monitor to always allow this.

 

Kaspersky Antivirus shows an alert screen every time I start Trojan Remover, about a "hidden install". I have added Trojan Remover to the Trusted Zone, but I still get the alerts - how do I stop this?

Start Trojan Remover. When the "hidden install" alert appears, click on "Add to Trusted Zone". In the screen that appears, click on the blue highlighted "Hidden install.." message next to Verdict mask. In the box that appears, remove the checkmark from the "Advanced Settings" box. Click on OK to close the box, click on OK again to close the Exclusion Mask box. The "hidden install" alert should no longer appear when you start Trojan Remover.

 

---