It's visibles that you used to work for an AV company and haven't followed the advances of the industry.
As you don't mention any of the modern day technologies like heuristics and file reputation in cloud.
It's true that the world is full of auto morphing malwares, but you can still detect them new variants through heuristics. Which in turn delivers the results to what is generally known as some sort of Antivirus Cloud Lookup or File Reputation Lookup.
Also the AV industry shares information between them. So in the background you don't have anymore analysts looking at every sample file. Instead there's automation that analyses each incoming sample.
The old scan databases you prefer to are usually last line of defense now days if all the other technologies before haven't been able to show the file to be known good file or bad file.
Full disclosure: I currently work for computer security company.
I have most definitely followed the advances in the industry because I worked in it in the past few years.
Heuristics are not a new thing in the AV industry and have been in the works even before the dotcom boom. Even with advances in it, it has been proven to either not scale or be absolutely worthless.
Anti-virus "cloud lookup" is just a stop-gap between signature updates. It's not a new idea and all you're doing with that is cataloging MD5s and making them available via whatever network server you choose to use. It's still a signature.
Here's a perfect example of why AV is useless: until 64-bit Windows was commonplace and before XP support was dropped, it was ineffective in stopping the likes of Aleurion (also known as "TDSS" or "TDL").
How did this malware work? Well, in its many, many different permutations, it would get dropped on a machine, become executed, and if the machine was running XP Service Pack 2 or less, it would make use of a vulnerability in the print spooler, get system-level control over the computer, and then it would infect the master boot record with its own bootloader.
How does AV remove it? Well since every time you reboot, it restores its copy of the malware, all it can do is scream that the world is falling because it can do absolutely squat about it. You have to remove it from the bootloader and then do a scan afterward while having taken the system offline.
What fixed the problem? Well applying a patch in the OS is what fixes the issue once and for all--SP3 was the easy way.
If heuristics really worked as you suggest it does, we wouldn't see Cryptolocker and the likes getting around AV. AV evasion is better than ever and heuristics have done absolutely nothing to solve the problem.
It's true that the world is full of auto morphing malwares, but you can still detect them new variants through heuristics. Which in turn delivers the results to what is generally known as some sort of Antivirus Cloud Lookup or File Reputation Lookup.
Also the AV industry shares information between them. So in the background you don't have anymore analysts looking at every sample file. Instead there's automation that analyses each incoming sample.
The old scan databases you prefer to are usually last line of defense now days if all the other technologies before haven't been able to show the file to be known good file or bad file.
Full disclosure: I currently work for computer security company.