Hi @nanto01, you are absolutely right, and we are constantly improving our detection methods (AV, HIPS, VirusScope, etc.). However, when we look from a different angle, detection is not the solution, as 100% detection is impossible, according to Alan Turing’s Halting Problem.
Here is a scientific study that proves it right, and comes up with a solution: “Shadowize” (aka Comodo’s patented Kernel Level API Virtualization technology).
This is what Comodo is doing: preventing the “payload” from causing damage.