
I cannot manually clean up detected threats

I ran the Sophos for Mac Home edition v 9.0.3 on a MacBook Pro running 10.6.8.  It found 3 threats which I asked it to clean up.  Cleanup failed.  In the details area it said to clean up manually.  Doing that seems to involve running a custom scan but I have not been able to make that work.  I cannot get the threat name to stay in the custom scan area whether I have added a scan or not - I drag it in and it bounces back.  Additionally, the "path and file name" line isn't live so clicking on it does no good - it won't drag.  I have read and reread the instructions but can't figure out what I am missing.



This thread was automatically locked due to age.
  • What does the log say?  Can you post a screenshot or extract?

    The log to check depends on the scan you ran.  You can normally right-click the white area in the Scans window....

    2013-11-05_17-18-42.png

  • Thanks for the reply.  The scan actually fixed my problem but I have still not been able to remove the threats.  I tried right-clicking in the white area of the scans box as you suggested but got no response.

    I am trying to attach a screen shot of what I have but am not sure if I have done it correctly.

  • The manual cleanup is most likely due to the location of the item(s).

    Can you select the item and expand the 'Show Details' lower panel and screenshot that?

    Example:

    2013-11-16_21-57-05.png

  • I was about to send the screen shot you asked for when I realized it had my name in it and while I have no issues with you seeing that, the site is available to all.

    The path and file name is:  /Users/my name/Library/Mail/IMAP-myname@gmail.com@imap.gmail.co.....

    The Original Location is the same.  There are also locations shown in Time Machine.

    Hope this is enough information.

  • The Time Machine locations will be the ones causing the problem/failure.  You need to delete the file from the Time Machine backups manually - it's not a volume the program is allowed to write to (change files).

    Watch/listen to this:

  • Thanks for the video.  As you might expect, my screens aren't exactly like yours and I'm not sure what is relevant and what isn't.

    My log shows the virus in gmail attachments with a 10/10/13 date and each finding in the log has a 5 digit number as well as a title near the end of the string.

    Time Machine won't let me go back to 10/10/13 so I found the numbers in the current date.  I could not see the names or titles and could not open the files associated with the numbers.

    I tried deleting the file numbers and everything went as you showed except that they didn't delete.  I quit Time Machine and then went back in and the same numbers were still there.  I don't know if that is a good thing or a bad thing since I couldn't see the file names.

  • Are there one or more items listed in the quarantine manager at the moment?  If so, can you unlock the panel, select one of the items and click 'Reveal in Finder', as it might be best to go round and try to remove as much as possible.

    If you can do that and then 'Clear From List' any remaining items (so the quarantine is empty).  Then run a fresh scan and see what is still detected.

    A screenshot of the quarantine would help (cmd + shift + 4 + spacebar) if something else is detected.  If you need to redact parts, right-click the screenshot (should be a .PNG file on your desktop) and open with 'Preview'.  You can select rectangular portions and then cmd+x to cut the part out and leave a gray box.  In Preview you can even use the dropdown menu Tools | Annotate ...and draw boxes over parts and/or comment on things.  Quite useful.

  • Really made progress!!  I Revealed in Finder and was able to delete there and then did the "Clear From List" on the remaining items.  I neglected to do the screenshot before I deleted and cleared.  Afterwards I ran a scan which found 1 threat that Sophos could remove.  I did that and ran another scan.  This time NO THREATS! Sophos did find some issues which I believe are "corrupt files" shown in the scan log.  Do I need to do anything with these? What?

    I truly appreciate your help on this drawn out process.


  • easyoz wrote:

    Do I need to do anything with these? What?



    That's it.  Just keep Sophos running and make sure it's up to date.

    The corrupt files are generally nothing to worry about.  See this video about issues detected:

  • Thank You again for all your help.  This issue is resolved!
