@ralfmaximus @dangoodin all three have been bypassed multiple times over the years, with a variety of rootkits installed on millions of systems to create e.g. botnet networks.

There have also been various other Windows API and kernel driver flaws where the malicious software evaded their scans, which are typically "event driven".

Now imagine a rootkit where a secure erase of the disk and clean Windows reinstall would not remove it...