Advisor
CALF
Posts: 21
Registered: ‎06-20-2011
0

Manual Cleanup

Have the Lion updated Sophos for Mac. 99% of the threats that appear are not cleaned up automatically but must be handled manually. I now have 25 threats, all on my Time Machine drive. I created a custom scan for the TM drive, where all these threats are located. It ran for two days with no end in sight, and it was wreaking havoc with my computer's functionality. Ultimately, I had to restart the iMac today, thus canceling the scan, which I had my doubts about anyway. Is it supposed to take so long?

 

I looked at a couple of the threats, not all, and I suspect they are all for Windows only. At this point, should I just clear them from the list? I have never been able to get a custom scan to work properly, and just on general principles I would like to make sure I have not done something wrong. Has anyone else had this problem where it just runs endlessly?

Employee
Agile
Posts: 1,191
Registered: ‎11-02-2010
0

Re: Manual Cleanup

Please do a search on here for Time Machine :smileyhappy:

Your best option for removing threats from within Time Machine is to do it by hand, from within Time Machine.  Removing threats from outside Time Machine with Time Machine enabled could cause problems with your backups.

 

If you don't want to worry about potential Windows malware in your backups, just exclude your Time Machine volume from on-access and on-demand scans, and remove the detections from the quarantine manager.  I'd also suggest excluding your temporary and cache folders from Time Machine backups, to speed up backups, save space, and prevent conflicts with other software that may read the Time Machine volume.

-
Andrew
Threat Researcher
SophosLabs


For our other self-service and peer-to-peer online support systems:


Advisor
CALF
Posts: 21
Registered: ‎06-20-2011
0

Re: Manual Cleanup

I didn't get the time to address the cleanup until today, and two more threats arrived today although not on TM. I had left the QM on the desktop this week, but when I went back to it today to follow your instructions, it was blank; not even today's threats were on it. What do you suppose may have happened? And, can I get that list back in order to eliminate those threats?

 

In any case, I went ahead and excluded my external drives in the On-Access area, leaving the partitions of my main drive. But I do not see any On-Demand section or tab. Also, I don't know what "virtual TM" is let alone how to exclude it.  Can you please provide instructions for that suggestion?

Advisor
CALF
Posts: 21
Registered: ‎06-20-2011
0

Re: Manual Cleanup

I am having practical problems reaching Time Machine threats. Do I actually go into TM itself or do I go to the HD on which it is stored? I didn't see how to find the threat by going to TM, so I went to the HD, but I couldn't follow the path since the user library is not available and the Option key trick doesn't appear to work on another HD. Plus those paths are so darn long that I had to print out each one in order to follow it. There has to be a better way to do this.

 

I selected a preference that apparently deletes the threat without my having to do anything, so I get notification of a threat and when I go to QM, it's blank. Is this a good thing to do? What does it do when it comes to a threat that it cannot clean up?

 

Do I even have to bother with these Windows only threats, especially when they are on the TM HD?

 

You talk about setting up a custom scan somewhere for the virtual TM. But I don't find the threats by actually running scans. I just wait until I get notification by Sophos's automatic scanning. Right now I have 4 I'm waiting to deal with on and off TM. This software is an awful lot of trouble--good thing it's free. Plus I am continually aggravated by having to send for a password reset every single time I want to get on here.

 

 

Employee
Agile
Posts: 1,191
Registered: ‎11-02-2010
0

Re: Manual Cleanup

 You actually do go into TM itself.

 

If the path is something like /Volumes/TimeMachineBackupDrive/DateStamp/MyHD/Users/MyUserName/Library/Mail/DownloadedAttachments/Blah.xls then you would use the Go Menu in the Finder to navigate to ~/Library/Mail/ and then use the Time Machine menu to enter Time Machine.  Navigate to the file, right click it, and select "remove all backups".

 

THEN, go into Sophos Anti-Virus preferences, select On-Access, and add /Volumes/TimeMachineBackupDrive to your exclusion list.

You may also want to take that opportunity to add your caches folders (and anything else you don't need backed up) to the exclusion list in Time Machine itself.  This will speed up your backups, reduce the risk of on-access issues, and save storage space.

-
Andrew
Threat Researcher
SophosLabs
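
The path mapping described in the post above, as an added shell example that is not part of the original thread or of Sophos's tooling: it takes a detection path on the backup drive and prints the live path to look for in the Finder before entering Time Machine. The function names are hypothetical, and it assumes the snapshot component of the path looks like 2011-07-20-101500 (or "Latest") and is followed by the backed-up disk's name.

```shell
#!/bin/sh
# Added example: translate a quarantine-manager path that points into a
# Time Machine backup into the path of the same file on the live disk.
# Assumption: layout is /Volumes/<drive>/.../<snapshot>/<disk name>/<live path>,
# where <snapshot> is YYYY-MM-DD-HHMMSS or "Latest".

tm_live_path() {
    _rest="${1#/}"
    _seen=0
    # Only paths on a mounted volume can be backup paths.
    case "$1" in
        /Volumes/*) ;;
        *) return 1 ;;
    esac
    while [ -n "$_rest" ]; do
        _part="${_rest%%/*}"                 # next path component
        if [ "$_part" = "$_rest" ]; then _rest=""; else _rest="${_rest#*/}"; fi
        if [ "$_seen" -eq 1 ]; then
            # $_part is the backed-up disk's name; what follows is the live path.
            [ -n "$_rest" ] || return 1
            printf '/%s\n' "$_rest"
            return 0
        fi
        case "$_part" in
            [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9][0-9][0-9]|Latest)
                _seen=1 ;;
        esac
    done
    return 1                                 # no snapshot component found
}

# Folder to open in the Finder (Go > Go to Folder...) before entering Time Machine.
tm_live_folder() {
    _live="$(tm_live_path "$1")" || return 1
    dirname "$_live"
}

# Usage: sh tm_path.sh "/Volumes/.../Blah.xls"
if [ "$#" -gt 0 ]; then
    tm_live_path "$1" && tm_live_folder "$1"
fi
```

If the function fails, the path has no snapshot component and does not point into a backup, so there is nothing to remove from inside Time Machine.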




Advisor
CALF
Posts: 21
Registered: ‎06-20-2011
0

Re: Manual Cleanup

Only one of the 4 was I able to find and eliminate. With the others, the path just didn't follow through as instructed. One piece or another was missing. Is this common?

Employee
Agile
Posts: 1,191
Registered: ‎11-02-2010
0

Re: Manual Cleanup

If they were detected on something that rolled off the end of your backup, or were in a cache folder, then they could easily no longer be present (which is why they also vanish from the quarantine manager).

-
Andrew
Threat Researcher
SophosLabs




Advisor
CALF
Posts: 21
Registered: ‎06-20-2011
0

Re: Manual Cleanup

Unfortunately, they are still in the QM even though the path cannot be followed. The 3 left are all in spam.mbox. I wonder if I should just delete the entire spam.mbox from TM. Of what possible use could a backup of the spam folder be?

Employee
Agile
Posts: 1,191
Registered: ‎11-02-2010
0

Re: Manual Cleanup

I agree... don't just delete it, add it to your TM exclusion list.  I've been doing that a fair bit lately, and my TM is behaving much better now that I've excluded various caches and other folders that I'd never want to restore from backup.

-
Andrew
Threat Researcher
SophosLabs

