What if they made a kernal that could not be compromised and tools to say exactly what is not a windows component and have people white list background workers.
There is process explorer but make dependencies to the application not always on data thieves.
Boohoo apple