I have a very strange question. If virustotal checks a malware sample, are those sent to AV vendors?
Why am I asking this? Because it is said, that yes, the samples are sent to AV vendors. But the practice does not follow this assumption.
Here are two scans results of the same malware:http://www.virustotal.com/analisis/8997c271747fbb83d870ffe9f6ad034dhttp://www.virustotal.com/analisis/a5b12389a3f23687c787eeb0a2ab12bf
The first was scanned on 2008.11.11 with detection rate of 6/36, the second scan was performed on 2009.03.18 with detection rate 9/39. One of the 3 new AV vendors detecting it were new in virustotal at all, and two of them detect it because they have already found what the malware is about. Although this is only one case, I bet everybody can find such examples in a very short time.
But the question remains, are those samples sent to AV vendors? If yes, why they didn't react in 4 months, if they are not sent, why???