You can't fix the insecurity of the internet with application software
What is really needed is an internet programmed for security. The whole of the current internet architecture depends on the honesty and goodwill of all of its users.
This was somewhat valid back in the first days of ARPANET, when it connected a few dozen universities and defense contractors, but now it is an insurmountably FALSE assumption.
A secure internet for commerce and academia needs to enable the swift tracking of criminal traffic. This could be done. But replacing the current internet and its protocols won't be cheap or simple.
This said, if it was possible to make anything vandal proof, the makers of vehicles and buildings would have found it in the past 1,000,000 years.
There is just no way, using software and hardware, to prevent people installing well written trojans.
Plus, on large software or firmware projects, there is just no way to ensure that nobody on your staff ever has a bad day where they miss a mistake.
As with bank vaults and military tanks, thick walls are not enough. You need active force to prevent penetration of defenses. And for inhibiting malware creation and use, this means laws and law enforcement that work swiftly and accurately to put the real criminals behind bars for adequate periods of time to create a deterrent effect.
As it is, many criminals refuse to admit that breaking into other people's computers without permission is an immoral act that ought to have criminal responsibilities. People with low morals either see any legal act as a moral act, or they see any unpunished act as a moral act.
The alternative, white listing of software and firmware, would involve the OS maker (or someone else) issuing licenses for approved safe software. Issuing the licenses won't be free.
In the end, maybe in 10 years, we'll collectively see there is no alternative to overhauling the architecure of the internet to create security, and to using white-listing.
Until we collectively reach that decision, we are stuck with virus scanners, and improving law enforcement.