Bonchev Information Technologies and Systems
Software for organizations and people.
MBBSoftware Blog - Malware Resolution Protocol - No More Malware Hi guest
Sign up - Login

Malware Resolution Protocol - No More Malware

By Miroslav Bonchev Bonchev Botev
The following protocol can eradicate or make almost non existent any malware. The protocol is simple and can be implemented within days and eradicate all malware within a week. Some users may suffer slight inconveniences until their software providers comply with the first instruction of the protocol.

Malware Resolution Protocol - No More Malware - Core

  1. Software manufacturers identification: software manufacturers must be registered (have authenticated accounts) with the operating system manufacturer.
  2. Machine software identification: software must be digitally signed by the operating system manufacturer and its digital signature(s) must be registered with them. Software can be signed additionally by other Certificate Authorities for added security.
  3. The operating system must never start or load an executable file (binary or script) which is not digitally signed by the operating system manufacturer or its signature verification fails.
  4. If a software is identified as a malware, then the operating system manufacturer can terminate it worldwide by advising all internet connected machines that particular software (identified by its signature) is a malware. This can be done by revoking the developer’s code signing certificate and/or by operating system update.
  5. The authorities can bring the developer of a malware to justice, because the latter was identified by the Certificate Authority (in 1.) in order to issue their code signing certificate (in 2.), including their bank details for payment, address, etc.
  6. Non-signed software can be run or loaded only after triple WARNING screen – this allows legacy software to still be used.
  7. Software compiled (and locally signed) on a machine can run on it without warning screens – this would allow developers to still work efficiently.
The first four rules guarantee that malware software does not run and propagate. However, if such software does appear, then it can be terminated immediately and its authors swiftly brought to justice. An important side effect of the protocol is that it also terminates the use of cracked software, as the digital signatures of such software are invalid. The fifth rule provides means for old software to still be used. The sixth rule allows software developers to work efficiently without warning screens.

The Malware Resolution Protocol (core) requires placing a few “if” conditions at the beginning of the process and DLL loader, and a simple “Warning” window. The protocol does not require complex development, nor does it slowdown computers, in difference from anti-virus software. The protocol makes anti-virus software mostly obsolete saving time, money and energy. It can help businesses and people restore trust in unknown software, save billions from losses due to malware, and bring criminals to justice. Further, the protocol disables all cracked software thus helping software manufacturers. Additional non-vital but strongly recommended rules can be added to the protocol, including:

Malware Resolution Protocol - Addendum - Optional Rules

  1. Hierarchic software identification: operating system manufacturers must enforce an unified schema for software identification e.g. manufacturer.application.version. The hierarchic software identification must be also stored by the operating system manufacturers, when registering the software in 2.
  2. The operating system must provide functionality to allow the user to easily audit all executable files and all manufacturers of software found on their computer.
  3. The operating system must provide functionality to allow logging of application activities, such as loaded modules, and used APIs and functions. For example, the user/OS manufacturer can request logging of part or all of the activities of specific or all copies of an application on a computer.
  4. The operating system must clearly displayed information about the manufacturer of software and the status of its digital signatures next to its name or in a balloon.
  5. The operating system must display triple WARNING screen when a non-installed software is started, regardless that it may have a valid signature - this will stop executable code passed with malicious emails.
  6. The operating system must allow processes to specify the manufacturer of the library they attempt to load, or process they attempt to start, or script they attempt to execute.
  7. Similar requirements must be enforced for browser or other software extensions, as well as for internet controls.
  8. Software manufacturers must be able to audit and review their accounts and issued signatures at the Certificate Authority which signs their code.

The protocol does not prevent all possible cyber-attacks, but limits malware attacks to nearly zero. It also fully precludes use of cracked software. In its entirety the protocol is doable in a few weeks. The core of the solution can be put in place in less than a week, and the additional rules can be added gradually. In its most basic form the protocols consists of two points:
  1. All software must be identified.
  2. Non-identified software is never run.

As I demonstrate in the video below, Windows ignores checking the integrity of software and executes corrupted (possibly infected with malware) or unknown origin (possibly malware) software:

There is one question which this protocol cannot answer - namely why Microsoft has not implemented such protocol 25 or more years ago?!

Miroslav Bonchev Bonchev Botev
19-th May 2017
We would love to know your thoughts and opinions on this article. Please leave any comments or questions you may have about it in the box below, and create a free account or subscribe to our newsletter if you wish to be notified when we publish new articles.
Community Content
(To enter your comments you must be signed in. Log in or create FREE account.)
Be the first to comment.
The ELIAS Project
Fine Art App
Information Presenter
Act On File
Audio Control
Photo Window
Information Presenter
for Museums and Art galleries
for Schools and Universities
for Resorts, Hotels and Cruises
for Parks of any kind
for Corporations
for any business
Encryption and Authentication
Safe Online Communication
Website Testimonials
Learn how to store private keys
Make The Most From Your Files
Convenient Volume Control
Photo Window - an Awesome Gift
My Account
FAQ - Forum
Email this page
Bonchev IT
Public Authentication Key
Public Encryption Key

© Copyright 2023 Bonchev Information Technologies. All Rights Reserved.
Machine translation:

Email this page
use semicolon to separate emails eg:;
a link to this page will be automatically added to your message
Please type the anti-bot text below.
Type text:
Thank you for subscribing to the MBBSoftware newsletter.
Enter your email address:
Please type the anti-bot text below.
Type text: