http://www.wilderssecurity.com/threads/cryptowall-samples-not-detected-by-any-of-the-55-antivirus-products-on-the-virustotal.368693/
Specifically, posts 3 and 8.
You’d think all that advertising, from every vendor, about sandboxes, clouds, heuristics, behavior, deep whatevers, ng-s, evo-gen-s, hyper-whatevers …, all the fancy names actually corresponded to the tragic reality of not detecting one of the biggest internet threats. But the reality defeats them all. Sad, very sad.
There is no date mentioned.
Could be e.g. 50 years ago.
The new CryptoWall samples were not detected by any of the 55 antivirus products used on the VirusTotal website when they were discovered SundayThat doesn't mean anything at all. Some malware is only detected "on access" not while scanning files/websites.
A recent analysis of the CryptoWall operation by Dell SecureWorks revealed that the malware has infected more than 600,000 computer systems since MarchMarch of what year? 600k infected systems? Where is the prove of what he claims? Besides, it is a fact that 99,9% of the people who have a computer have no clue at all on how to protect it in a somehow decent way.
Quoted article written Sep 29, 2014 8:50 AM PT
and one of the refs is from after August of this year, though undated.
Check these out
http://www.networkworld.com/article/2688993/malvertising-campaign-delivers-digitally-signed-cryptowall-ransomware.html#tk.rss_security0
http://www.pcworld.com/article/2600543/cryptowall-held-over-halfamillion-computers-hostage-encrypted-5-billion-files.html
Somehow it doesn’t look to me like a 50-year old story. Sorry.
Re your statement “Some malware is only detected “on access” not while scanning files/websites.” - yes, Ok, it confuses users, but that’s true. Whether it’s a useful distinction to make, I’m not sure.
Yes, pretty disturbing.
Hi schmidthouse,
Again showing that the modern user cannot go out on the Interwebs without being protected by a decent adblocker, like ABP for instance or a script-blocker like NoScript or SafeScript inside the browser. Moreover it is vitally important to keep OS and third party software fully updated and patched. Most of the victims out there were victims because they did not know about safe-hexing. The latest is software that comes along with bundled “goodies” another threat for those that click after anything that shows up on the screen. If you have no driving license and cannot drive a car you should not drive a car on the highway. If you do not know how to safely work a computer you should not be out on the Interwebs. So in a lot of cases that warning finger should point from the screen to the one that sits in between the chair and the keyboard.
polonus
Yes Pol this is true, unfortunately we don’t live in a perfect world (computing environment) and some people historically have shown, will always do foolish things. 
Totally true what Polonus said.
On the other hand, how many security apps one can pile up and not create a mess (I gasp as I look at my own sig).
And where are users supposed to learn all that in their busy lives.
We need a security internet police, a global entity. It won’t work, but I can always dream.
[rant]In the meantime, avast could write us better help files, simpler non-phone-like GUI, and really concentrate on future threats instead of spending resources on all that stuff in the middle column of the installation selections. And drop that dishonest and worthless phone support people keep writing about [/rant]
Yup, agreed.
In a perfect world 
Hi cooby,
And when one knows how to protect oneself, one should do that without any “overkill”.
So watching your clicks and one resident av solution like avast! next to MBAM or SAS and CCleaner and a browser with a good ad-blocker and script blocker together with a good update policy and enough grams of common sense should keep your device free of malcode and undesirables.
Users that apply such a policy and know what they are doing and why can use a computer for fun, and that is what one is supposed to have in this short period one spends under the moon or in the sun ;D …
polonus
Good security stand or falls with the knowledge of the user.
The user is always the weakest link.
Never, ever use a account with admin rights for daily use.