I Hope No One Here Gets Hit With This New Ransomware! (p.2)
2017/05/16 16:52:21
ampfixer
And I thought it was just a Microsoft ploy to force a massive upgrade to Win 10. Paranoia reigns. Thank you America.
2017/05/16 22:30:37
abacab
Something else that I run on my PC besides my AV, is this anti-exploit, anti-ransomware program.  It is a behavior based tool that intercepts stuff like ransomware.  It is lightweight and works alongside your chosen AV.  It doesn't seem to have any performance hit on the computer.
 
For peace of mind in these tough times!   https://www.hitmanpro.com/en-us/alert.aspx
 
This company was recently acquired by Sophos, who have integrated these tools into their enterprise AV products.  I hear that it was effective in intercepting the recent ransomware attacks.
 
I'm not saying everyone should run out and get this, but they do offer a free trial. So if you are concerned about ransomware, or drive by malware attacks, it may be worth a look.  I use it, and now I'm a believer!
2017/05/17 00:35:21
Fleer
stevec
Fleer
Edith: Macallan 1981. Nice.
Oooh...   Macallan's 1981?  As in aged 35 years?  Nice.

Sadly, no. It's an 18 years bought around 2000, but since 1981 is the year I met the wife, I'm hanging on until 2031 before it'll fill the quaich.
2017/05/17 13:29:48
bitflipper
abacab: have you looked at system overhead with HitmanPro? My concern is that anything that hooks into low-level system calls is going to necessarily degrade system performance. Not a concern for most day-to-day computing, but paramount for a DAW that needs every CPU cycle it can get for the task at hand.
 
I see nothing at all on their website that explains how HitmanPro actually works. This is a red flag for me. Obfuscation is never necessary for a security product to be effective; it serves only one purpose: it allows marketers to make unchallenged claims.
2017/05/17 14:11:39
abacab
bitflipper
abacab: have you looked at system overhead with HitmanPro? My concern is that anything that hooks into low-level system calls is going to necessarily degrade system performance. Not a concern for most day-to-day computing, but paramount for a DAW that needs every CPU cycle it can get for the task at hand.

 
I can run this on my DAW and still pass LatencyMon with flying colors.
 

I see nothing at all on their website that explains how HitmanPro actually works. This is a red flag for me. Obfuscation is never necessary for a security product to be effective; it serves only one purpose: it allows marketers to make unchallenged claims.
That is a shame. Apparently the original SurfRight website that described it in detail has been shuttered and brought under the umbrella of Sophos, which remains rather opaque.  Probably just due to the transition period for bringing the products into the parent portfolio.  The two devs that developed this were paid handsomely to be acquired, and are still very active in its development.
 
Sophos is marketing this technology now as part of its endpoint security for enterprise customers. They call it InterceptX and explain it here.  https://www.sophos.com/en-us/products/intercept-x.aspx
 
HitmanPro products remain a consumer only product line, but the original tech came from HitmanPro.Alert.  HitmanPro is actually two products that come bundled together with one license.  HitmanPro.Alert is the exploit interceptor, and HitmanPro is an on-demand scanner/cleaner.
 
If you have ever heard of Microsoft's EMET, this begins with a similar concept, but goes way beyond.
 
There are two main parts, Exploit Mitigations, and Risk Reduction, for protection against unknown, 0-day, or patient zero exploits.
 
As far as impact to running applications, the Exploit Mitigations are only designed to protect internet facing applications, such as browsers, email programs, media players, office applications, browser plugins, etc.  So it's not really going to affect any other local stuff running that is not explicitly protected.
 
The second part, Risk Reduction, provides some additional system hardening protection.  These can be individually toggled on and off just by clicking a button on the GUI.  A few examples are:
Cryptoguard - detects encryption of files and stops the attack
Keystroke Encryption - protects against keyloggers when filling out web forms
Process Protection - prevents process hollowing
BadUSB - Stops malicious USB devices
Network Lockdown - stops backdoor traffic
 
Bottom line is I can see no additional performance impact from this, running alongside my AV.
2017/05/17 16:04:08
bitflipper
Thanks for the info!
 
So I gather it prevents cryptolocker-type malware from getting installed in the first place, as opposed to intercepting their subsequent attempts to encrypt files, at which time they are not internet-facing programs. Yes, I know that this latest WannaCry variant does depend on an internet connection, and that's how it was defeated. But viruses in general do not necessarily have an internet connection or even a network component. No anti-malware software can stop them without placing themselves between user applications and O/S calls.
 
I wonder, for example, how HitManPro can differentiate between malware encrypting a file versus me encrypting a file on purpose.
2017/05/17 17:12:10
abacab
bitflipper
Thanks for the info!
 
So I gather it prevents cryptolocker-type malware from getting installed in the first place, as opposed to intercepting their subsequent attempts to encrypt files, at which time they are not internet-facing programs. Yes, I know that this latest WannaCry variant does depend on an internet connection, and that's how it was defeated. But viruses in general do not necessarily have an internet connection or even a network component. No anti-malware software can stop them without placing themselves between user applications and O/S calls.
 
I wonder, for example, how HitManPro can differentiate between malware encrypting a file versus me encrypting a file on purpose.
The Cryptoguard defense appears to be part of the internal system hardening, for use after the malware is actually downloaded and executed.  I saw a video on YouTube of a guy clicking on various ransomware samples on his test system, and Cryptoguard prevented the encryption of user files.
 
Some exploits were blocked immediately, while others ran, but did not damage the file system. 
 
This whole approach is behavior based, and uses no signatures.  Cryptoguard apparently stays on alert for any file encryption processes, and maintains a backup of the un-encrypted files in a special Cryptoguard folder inside the Windows folder.
 
If it blocks a process, it can roll back any files that got encrypted before it intercepted the attack.  Clever!
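The behaviour described in the two posts above (watch for a process turning readable files into high-entropy ones, keep a pre-write backup, block the process and roll its files back) and bitflipper's question about telling malware apart from a user encrypting a file on purpose can be shown with a small simulation. The code below is an added example, not HitmanPro's or Sophos's code; the entropy and burst thresholds, the process ids and the sample file contents are constructed for the demo.

```python
import math
import os
import shutil
import tempfile
from collections import Counter
from pathlib import Path

# Tunables for the toy detector (constructed values, not HitmanPro's).
ENTROPY_THRESHOLD = 7.0   # bits per byte; properly encrypted data sits close to 8.0
BURST_THRESHOLD = 3       # plaintext-to-ciphertext rewrites by one process before we intervene


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; compressed or encrypted data scores near 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


class CryptoGuardSim:
    """Toy behaviour-based interceptor: mediates writes to a protected folder,
    keeps a pre-write backup of each file, counts plaintext-to-ciphertext
    rewrites per process, and blocks plus rolls back a process that bursts."""

    def __init__(self, protected_dir: str, backup_dir: str):
        self.protected = Path(protected_dir)
        self.backup = Path(backup_dir)
        self.backup.mkdir(parents=True, exist_ok=True)
        self.suspicious = Counter()   # pid -> count of plaintext->ciphertext rewrites
        self.touched = {}             # pid -> files it rewrote, so we can roll them back
        self.blocked = set()          # pids we refuse further writes from

    def write(self, pid: int, rel_path: str, new_data: bytes) -> str:
        """Mediate one write. Returns 'allowed', 'blocked' or 'rolled_back'."""
        if pid in self.blocked:
            return "blocked"
        target = self.protected / rel_path
        if target.exists():
            old = target.read_bytes()
            backup = self.backup / rel_path
            backup.parent.mkdir(parents=True, exist_ok=True)
            if not backup.exists():            # keep the oldest (pre-attack) copy
                shutil.copy2(target, backup)
            # The ransomware tell: a readable file replaced by high-entropy bytes.
            if shannon_entropy(old) <= ENTROPY_THRESHOLD < shannon_entropy(new_data):
                self.suspicious[pid] += 1
                self.touched.setdefault(pid, []).append(rel_path)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(new_data)
        if self.suspicious[pid] >= BURST_THRESHOLD:
            self._block_and_rollback(pid)
            return "rolled_back"
        return "allowed"

    def _block_and_rollback(self, pid: int) -> None:
        """Refuse further writes from pid and restore every file it encrypted."""
        self.blocked.add(pid)
        for rel_path in self.touched.get(pid, []):
            shutil.copy2(self.backup / rel_path, self.protected / rel_path)


def run_demo() -> dict:
    """Constructed scenario: a user encrypts one file on purpose, then a
    simulated ransomware process (pid 666) rewrites several files with random bytes."""
    root = tempfile.mkdtemp(prefix="cryptoguard_sim_")
    guard = CryptoGuardSim(os.path.join(root, "docs"), os.path.join(root, "backup"))
    plaintext = b"quarterly report: revenue up, costs flat\n" * 100
    names = ["a.txt", "b.txt", "c.txt", "d.txt"]
    for name in names:                      # the user creates some documents
        guard.write(pid=100, rel_path=name, new_data=plaintext)

    # One deliberate encryption by the user stays below the burst threshold.
    user_result = guard.write(pid=100, rel_path="a.txt", new_data=os.urandom(4096))

    # Simulated ransomware: plaintext files replaced by ciphertext in a burst.
    mal_results = [guard.write(pid=666, rel_path=n, new_data=os.urandom(4096))
                   for n in names[1:]]
    after = guard.write(pid=666, rel_path="b.txt", new_data=os.urandom(4096))
    restored = sum((guard.protected / n).read_bytes() == plaintext for n in names[1:])
    shutil.rmtree(root)
    return {"user": user_result, "malware": mal_results, "after": after, "restored": restored}


if __name__ == "__main__":
    print(run_demo())
```

The answer to the "how does it know it's malware" question, in this model, is that it does not inspect intent at all: one file going from plaintext to ciphertext is allowed, a run of them from the same process is not, and the pre-write backups mean the first few encrypted files are recoverable rather than lost. The caveat is the obvious one: a user who bulk-encrypts a folder looks the same as ransomware to a rate heuristic, which is why such protections ship with a per-feature off switch. A real product also draws on more signals than byte entropy.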
2017/05/17 19:05:26
Fleer
Sophos (free) user here.
2017/05/17 19:25:26
Mesh
Just yesterday, my workplace got hit with this WannaCry virus (AKA Wanna Decryptor & wcry) by someone opening a "phishing" link from their email. So far, IT seems to have got it under control and rightfully so, all personal emails have been blocked. 
Seems to be a nasty thing going worldwide.
2017/05/17 21:06:06
abacab
Fleer
Sophos (free) user here.
Sophos Home Premium (beta) includes the ransomware protection.  The release version of Sophos Home Premium is expected to include this protection.  You can sign up for the beta from your free account.  https://home.sophos.com/register/beta
 
Free =>  https://home.sophos.com/