tds-3 how do I print out a list of alarms?


Dale.E
March 29th, 2004, 04:10 PM
How can I print the list of alarms so I can give my customer the printout? I like to give them printouts of the viruses and trojans I remove with various utilities; TDS appears to have no ability to do this...

Pilli
March 29th, 2004, 04:40 PM
Hello Dale & welcome.

You will find the TDS3 text logs in the TDS3\Logs folder.

HTH Pilli

Dale.E
March 29th, 2004, 04:43 PM
Yes, I found those; no, they don't have a list of the alarms found.

FanJ
March 29th, 2004, 04:58 PM
What about this:

If you see an alarm in the bottom of the console then right-click it.
You will see an option to save it as text.
See the Help-file chapter "Disinfection - Removing trojans".

And, as Pilli wrote, the console-activity can be logged in a daily logfile.
Set it up here:
TDS3 Configuration > Options > Misc Options > Log console activity

Pilli
March 29th, 2004, 05:02 PM
OK, I see what you want now :-[ Right-click on the alarm and save as text.

This is what I get:

Scan Control Dumped @ 23:01:11 29-03-04
Positive identification (DLL): RemoteAdmin.RAdmin 2.0 (dll)
File: c:\windows\system32\admdll.dll

Dale.E
March 29th, 2004, 05:16 PM
Yes, but now I have to do that for each alarm and then edit all that into one file so I can just get a simple printout that says

randex1.worm found in gjfdtrds.com
firedaemon found in yjrdtue
etc etc

The system I am doing now has over 40 alarms. I would like to give that list to the customer, so I am doing a print screen, but that looks so..... primitive, completely unprofessional....

Pilli
March 29th, 2004, 05:25 PM
I do not think there is another easier way of logging multiple alarms unless there is a script for it.

Maybe DCS will be able to supply you with a better solution; they should be about in a few hours. :)

FanJ
March 29th, 2004, 05:32 PM
Again I agree with Pilli ;)

But there might be another solution:
Use the (not-free) screen-capture program SnagIt, and set it up to make a text-capture.
Here is part of a little example that I just made with it from the TDS-3 console (just an example!):

00:24:37 [TDS] Good morning Jan. I hope you're taking regular breaks for your eyes?
00:24:57 [Memory Scan] Memory scan started, please wait a moment ...
00:25:03 [Memory Scan] Memory scan complete.
00:25:04 [Mutex Memory Scan] Started...
00:25:05 [Mutex Memory Scan] Finished (no trojan mutexes found).
00:25:05 [Trace Scan] Started...
00:25:33 [Trace Scan] Finished.

Dale.E
March 29th, 2004, 06:01 PM
Boy I hope they improve on some of these little things with TDS-4

:( :( :( :( :(

Jooske
March 29th, 2004, 10:07 PM
Oops, guys, why do you make it so difficult for yourselves?
Once TDS is ready with its scan you have your 40 alarms in the bottom console; no matter which one, right-click on it and choose "save as text" and it will write the whole current list to a file Scandump.txt, which it even asks if you want to read now. A notepad file it is, which you can copy or save away with another name so it is not overwritten next time you save a new series of finds.
Easy if you want to compare them or send your alerts list to Gavin, asking him if he wants some of your shoppe for his collection or whether something might be a false positive, whatever.
Next time the next dump will overwrite the existing text, so you never get miles-long logs; reason to save it with another name if you really need to keep your list.

You do the same with your capture.bin in Port Explorer: save it away with another name if you need to keep it, or it will be overwritten after you have cleansed it.
I could imagine, if you see an active keylogger or nasty calling home, you might like to spy on such a packet and keep the data for further study (for IPs or names) or as proof that it was active.

That together with the copy scandump is good proof.

Tassie_Devils
March 29th, 2004, 10:55 PM
Yep... works just fine. No probs, Jooske. ;D

Did two separate scans on 2 folders I knew I would get a response from; both results showed up, and right-click, save text, said yes to read. Bingo.... got BOTH entries in one report. ;)

Scan Control Dumped @ 13:55:09 30-03-04
Suspicious Filename: Dual extensions
File: c:\documents and settings\fstop\desktop\miscellaneous\programs plug-ins\trillian setup info\trillian-v0.74d.exe

Positive identification: Demo.Leaktest 1.1 (Not a trojan)
File: c:\documents and settings\fstop\desktop\grc_stuff\leaktest.exe

Cheers, Adrian.

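Scandump.txt still has to be trimmed into the one-line "X found in Y" list Dale asked for, and it is overwritten on every save, so the copies you keep tend to pile up. The script below is an added example (mine, not part of TDS-3, DiamondCS, or this thread) that reads one or more saved dumps and emits that list plus a per-kind count. It assumes only the layout shown in Pilli's and Adrian's dumps above: a "Scan Control Dumped @" header followed by blank-line-separated classification/File: pairs. The sample text is constructed from the entries posted in the thread, and the function and field names are my own.

```python
"""Collapse TDS-3 Scandump.txt into one line per alarm.

Added example, not part of TDS-3 or of this thread. It assumes the dump
layout shown in the posts above: a "Scan Control Dumped @ ..." header, then
blank-line-separated entries of a classification line followed by a
"File: <path>" line. SAMPLE_DUMP is constructed from the posted entries.
"""
import re
import sys
from collections import Counter
from typing import Dict, List, NamedTuple, Optional, Tuple

# Constructed sample: two saved dumps concatenated, as you get after copying
# several Scandump.txt files away under different names.
SAMPLE_DUMP = """Scan Control Dumped @ 23:01:11 29-03-04
Positive identification (DLL): RemoteAdmin.RAdmin 2.0 (dll)
File: c:\\windows\\system32\\admdll.dll

Scan Control Dumped @ 13:55:09 30-03-04
Suspicious Filename: Dual extensions
File: c:\\documents and settings\\fstop\\desktop\\miscellaneous\\programs plug-ins\\trillian setup info\\trillian-v0.74d.exe

Positive identification: Demo.Leaktest 1.1 (Not a trojan)
File: c:\\documents and settings\\fstop\\desktop\\grc_stuff\\leaktest.exe
"""

HEADER_RE = re.compile(r"^Scan Control Dumped @ (\S+ \S+)$")
FILE_RE = re.compile(r"^File:\s*(.+?)\s*$")


class Alarm(NamedTuple):
    dumped_at: Optional[str]  # timestamp of the most recent header seen
    kind: str                 # e.g. "Positive identification (DLL)"
    name: str                 # e.g. "RemoteAdmin.RAdmin 2.0 (dll)"
    path: str                 # full path from the "File:" line


def parse_scandump(text: str) -> List[Alarm]:
    """Return one Alarm per classification/File: pair, in dump order."""
    alarms: List[Alarm] = []
    dumped_at: Optional[str] = None
    pending: Optional[Tuple[str, str]] = None  # (kind, name) awaiting File:
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HEADER_RE.match(line)
        if m:
            dumped_at = m.group(1)
            continue
        m = FILE_RE.match(line)
        if m:
            if pending is None:
                # A File: line with no classification above it; keep it
                # visible in the report rather than silently dropping it.
                pending = ("Unclassified", "")
            kind, name = pending
            alarms.append(Alarm(dumped_at, kind, name, m.group(1)))
            pending = None
            continue
        # Anything else is a classification line of the form "<kind>: <name>".
        kind, sep, name = line.partition(":")
        pending = (kind.strip(), name.strip()) if sep else (line, "")
    return alarms


def short_report(alarms: List[Alarm]) -> List[str]:
    """The 'X found in Y' list, one alarm per line."""
    lines = []
    for a in alarms:
        if a.kind.startswith("Positive identification"):
            label = a.name            # the detection name is what matters
        elif a.name:
            label = f"{a.kind} ({a.name})"  # e.g. Suspicious Filename (Dual extensions)
        else:
            label = a.kind
        lines.append(f"{label} found in {a.path}")
    return lines


def summary(alarms: List[Alarm]) -> Dict[str, int]:
    """Count alarms per classification kind, for a report footer."""
    return dict(Counter(a.kind for a in alarms))


if __name__ == "__main__":
    # Usage: python scandump_report.py saved1.txt saved2.txt ... (or no args
    # to run on the constructed sample).
    if len(sys.argv) > 1:
        text = "".join(open(p, encoding="latin-1").read() + "\n" for p in sys.argv[1:])
    else:
        text = SAMPLE_DUMP
    found = parse_scandump(text)
    print(f"{len(found)} alarm(s)")
    for line in short_report(found):
        print(line)
    for kind, n in sorted(summary(found).items()):
        print(f"  {kind}: {n}")
```

Because each save overwrites Scandump.txt, copy it to a dated name first (as Jooske describes) and feed all the copies to the script at once; the per-alarm timestamp comes from whichever "Scan Control Dumped @" header preceded it, so the report still tells you which scan each alarm came from.
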
Jooske
March 29th, 2004, 11:10 PM
Yep, and I log the whole console activity on a daily basis as well, so for reports like Jan already pointed out, just copy such parts from the logs and paste them in reports as well.
Configure in the Configuration the day/month/year/hour/minute/second time setting and you have the overview of how much time it all took to collect and when it happened, etc. Handy beside firewall logs, Port Explorer logs, etc. in case of events.